urlscan.io logo urlscan.io
SecurityTrails logo

thjewel.changiairport.com Open in urlscan Pro
74.114.154.22  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://thjewel.changiairport.com/
Effective URL: https://thjewel.changiairport.com/
Submission: On May 05 via api from HK
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 5 countries across 19 domains to perform 94 HTTP transactions. The main IP is 74.114.154.22, located in Ashburn, United States and belongs to AUTOMATTIC, US. The main domain is thjewel.changiairport.com.
TLS certificate: Issued by R3 on March 18th 2021. Valid for: 3 months.
This is the only time thjewel.changiairport.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 74.114.154.22 2635 (AUTOMATTIC)
23 192.0.77.40 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
6 52.219.132.114 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:2800:135... 15133 (EDGECAST)
15 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2 172.217.23.102 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1288:110... 34010 (YAHOO-IRD)
2 192.0.76.3 2635 (AUTOMATTIC)
5 192.0.77.3 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
3 6 65.9.84.29 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 152.199.23.180 15133 (EDGECAST)
2 152.195.51.15 15133 (EDGECAST)
1 52.72.233.34 14618 (AMAZON-AES)
11 2.18.235.93 16625 (AKAMAI-AS)
1 2.16.186.66 20940 (AKAMAI-ASN1)
1 18.195.255.193 16509 (AMAZON-02)
1 2.16.186.43 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3.126.56.137 16509 (AMAZON-02)
94 30
3    74.114.154.22 (Ashburn, United States)

ASN2635 (AUTOMATTIC, US)
thjewel.changiairport.com
23    192.0.77.40 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com
assets.tumblr.com
static.tumblr.com
secure.static.tumblr.com
px.srvcs.tumblr.com
www.tumblr.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    52.219.132.114 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1.amazonaws.com
s3-ap-southeast-1.amazonaws.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2606:2800:135:155a:23ba:b2a:25ff:122d (United States)

ASN15133 (EDGECAST, US)
consent.cmp.oath.com
service.cmp.oath.com
15    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
fc.yahoo.com
2    172.217.23.102 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f102.1e100.net
6071807.fls.doubleclick.net
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1288:110:c204::b000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
geo.query.yahoo.com
geo.yahoo.com
2    192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)
pixel.wp.com
5    192.0.77.3 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
64.media.tumblr.com
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    65.9.84.29 (United States)

ASN16509 (AMAZON-02, US)
sb.scorecardresearch.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    152.199.23.180 (United States)

ASN15133 (EDGECAST, US)
opus.analytics.yahoo.com
2    152.195.51.15 (United States)

ASN15133 (EDGECAST, US)
tag.idsync.analytics.yahoo.com
1    52.72.233.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-233-34.compute-1.amazonaws.com
ter-adserver-origin-us.prod.adtechus.com
11    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
static-eb.media.net
lg3.media.net
hblg.media.net
1    2.16.186.66 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-66.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
1    18.195.255.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-255-193.eu-central-1.compute.amazonaws.com
prod-m-node-3111.ssp.advertising.com
1    2.16.186.43 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-43.deploy.static.akamaitechnologies.com
res-a.akamaihd.net
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
service.idsync.analytics.yahoo.com
Domain Requested by
14 s.yimg.com thjewel.changiairport.com
assets.tumblr.com
fc.yahoo.com
s.yimg.com
10 assets.tumblr.com thjewel.changiairport.com
assets.tumblr.com
www.tumblr.com
9 static.tumblr.com thjewel.changiairport.com
6 sb.scorecardresearch.com 3 redirects thjewel.changiairport.com
6 s3-ap-southeast-1.amazonaws.com thjewel.changiairport.com
consent.cmp.oath.com
s3-ap-southeast-1.amazonaws.com
5 contextual.media.net thjewel.changiairport.com
contextual.media.net
s.yimg.com
5 64.media.tumblr.com thjewel.changiairport.com
3 lg3.media.net s.yimg.com
contextual.media.net
3 thjewel.changiairport.com 1 redirects assets.tumblr.com
2 hblg.media.net s.yimg.com
2 tag.idsync.analytics.yahoo.com s.yimg.com
tag.idsync.analytics.yahoo.com
2 www.google-analytics.com www.googletagmanager.com
assets.tumblr.com
2 pixel.wp.com thjewel.changiairport.com
www.tumblr.com
2 px.srvcs.tumblr.com thjewel.changiairport.com
2 service.cmp.oath.com assets.tumblr.com
s3-ap-southeast-1.amazonaws.com
2 fonts.gstatic.com fonts.googleapis.com
2 6071807.fls.doubleclick.net 1 redirects thjewel.changiairport.com
2 www.googletagmanager.com thjewel.changiairport.com
1 service.idsync.analytics.yahoo.com tag.idsync.analytics.yahoo.com
1 geo.yahoo.com
1 adservice.google.de adservice.google.com
1 adservice.google.com 6071807.fls.doubleclick.net
1 res-a.akamaihd.net s.yimg.com
1 prod-m-node-3111.ssp.advertising.com thjewel.changiairport.com
1 static-eb.media.net thjewel.changiairport.com
1 qsearch-a.akamaihd.net thjewel.changiairport.com
1 ter-adserver-origin-us.prod.adtechus.com s.yimg.com
1 opus.analytics.yahoo.com s.yimg.com
1 www.google.de thjewel.changiairport.com
1 www.google.com thjewel.changiairport.com
1 stats.g.doubleclick.net assets.tumblr.com
1 www.tumblr.com assets.tumblr.com
1 fc.yahoo.com thjewel.changiairport.com
1 geo.query.yahoo.com assets.tumblr.com
1 consent.cmp.oath.com thjewel.changiairport.com
1 secure.static.tumblr.com thjewel.changiairport.com
1 ajax.googleapis.com thjewel.changiairport.com
1 fonts.googleapis.com thjewel.changiairport.com
94 38

This site contains links to these domains. Also see Links.

Domain
www.yahoo.com
Subject Issuer Validity Valid
thjewel.changiairport.com
R3		 2021-03-18 -
2021-06-16		 3 months crt.sh
tumblr.com
DigiCert SHA2 Extended Validation Server CA		 2020-07-09 -
2022-04-14		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.s3-ap-southeast-1.amazonaws.com
DigiCert Baltimore CA-2 G2		 2020-08-27 -
2021-09-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
service.cmp.oath.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-18 -
2022-02-22		 a year crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-03 -
2021-06-23		 2 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
analytics.query.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-08 -
2021-09-01		 6 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.media.tumblr.com
Sectigo RSA Domain Validation Secure Server CA		 2020-02-10 -
2022-02-09		 2 years crt.sh
*.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
opus.analytics.yahoo.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-11 -
2022-01-01		 a year crt.sh
*.idsync.analytics.yahoo.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-04 -
2022-04-04		 a year crt.sh
ter-adserver-origin-us.prod.adtechus.com
DigiCert SHA2 High Assurance Server CA		 2021-02-19 -
2021-08-10		 6 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh
a248.e.akamai.net
DigiCert Secure Site ECC CA-1		 2020-07-15 -
2021-09-13		 a year crt.sh
ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-04-27 -
2021-07-28		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-22 -
2021-09-15		 6 months crt.sh

This page contains 15 frames:

Primary Page: https://thjewel.changiairport.com/
Frame ID: 62F1002DE34E4F3D1271EBC23D45266A
Requests: 52 HTTP requests in this frame

Frame: https://6071807.fls.doubleclick.net/activityi;dc_pre=CJP-mszgsfACFbTyuwgdmfYHtg;src=6071807;type=cag1875a;cat=cag19000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
Frame ID: 215A0E536B251BA3554B4333866CC1A3
Requests: 1 HTTP requests in this frame

Frame: https://assets.tumblr.com/analytics.html?_v=9f5febfd57a8a649c598d888f2d9e062
Frame ID: 677567C92028182BF342379AEE887A22
Requests: 4 HTTP requests in this frame

Frame: https://assets.tumblr.com/assets/html/iframe/login_check.html?_v=3de94a184d600617102ddd5b48fb36e9
Frame ID: 4B816001BD602787F5CEC72C7B1748F0
Requests: 1 HTTP requests in this frame

Frame: https://s3-ap-southeast-1.amazonaws.com/yahoos3/gdpr/cmpui.html
Frame ID: C8E952231BDCA0A8D3105411A7A38836
Requests: 6 HTTP requests in this frame

Frame: https://www.tumblr.com/dashboard/iframe/consent
Frame ID: A1C3C95ABAAA3ED766145E9D067621EC
Requests: 6 HTTP requests in this frame

Frame: https://s.yimg.com/rq/darla/4-8-0/html/r-csc.html
Frame ID: 8CF51DE2D2B97A0FA6E9A7A7FC2128ED
Requests: 3 HTTP requests in this frame

Frame: https://s.yimg.com/rq/darla/4-8-0/html/r-sf.html
Frame ID: 6D213362846EFAF65F17B969C3B1F268
Requests: 12 HTTP requests in this frame

Frame: https://opus.analytics.yahoo.com/tag/opus-frame.html?id=4
Frame ID: A3025DA459C5A5D64BFD5727542A2BF4
Requests: 1 HTTP requests in this frame

Frame: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=https%3A%2F%2Fthjewel.changiairport.com%2F
Frame ID: FBE9A0F67A100EB13199D0C0084745D5
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIOZQNV&https=1&itype=CM
Frame ID: 4D720B68C661E9CAE762405217857087
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU2OO4Y3&prvid=2034%2C2033%2C2030%2C251%2C273%2C175%2C2009%2C2029%2C2028%2C3018%2C2027%2C2026%2C214%2C3015%2C238%2C97%2C77%2C99%2C59%2C184%2C261%2C262%2C186%2C188%2C222%2C201%2C2017%2C2038%2C246%2C4%2C126%2C203%2C225%2C226%2C10000%2C80%2C229%2C9&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=VERIZON
Frame ID: 40B060BCAFCE1A557481805133FEC5A8
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV27271.js
Frame ID: 18195AEF3E2C3B021568B4F7B96CA18A
Requests: 6 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJP-mszgsfACFbTyuwgdmfYHtg;src=6071807;type=cag1875a;cat=cag19000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://thjewel.changiairport.com/
Frame ID: 9CEA475A3D32F9CB019DB8DE37AAE9A9
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJP-mszgsfACFbTyuwgdmfYHtg;src=6071807;type=cag1875a;cat=cag19000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://thjewel.changiairport.com/
Frame ID: 8B33E45E8F0A5A52F9AC72E0526A1E74
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://thjewel.changiairport.com/ HTTP 302
    https://thjewel.changiairport.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

94
Requests

100 %
HTTPS

48 %
IPv6

19
Domains

38
Subdomains

30
IPs

5
Countries

6054 kB
Transfer

8165 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://thjewel.changiairport.com/ HTTP 302
    https://thjewel.changiairport.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://6071807.fls.doubleclick.net/activityi;src=6071807;type=cag1875a;cat=cag19000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
  • https://6071807.fls.doubleclick.net/activityi;dc_pre=CJP-mszgsfACFbTyuwgdmfYHtg;src=6071807;type=cag1875a;cat=cag19000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
Request Chain 49
  • https://sb.scorecardresearch.com/c2/15742520/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/15742520/cs.js
Request Chain 57
  • https://sb.scorecardresearch.com/b?c1=7&c2=15742520&c4=https%3A%2F%2Fthjewel.changiairport.com%2F&ns__t=1620190672160&ns_c=UTF-8 HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15742520&c4=https%3A%2F%2Fthjewel.changiairport.com%2F&ns__t=1620190672160&ns_c=UTF-8
Request Chain 58
  • https://sb.scorecardresearch.com/b?c1=2&c2=15742520&c4=https%3A%2F%2Fthjewel.changiairport.com%2F&ns__t=1620190672160&ns_c=UTF-8 HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=15742520&c4=https%3A%2F%2Fthjewel.changiairport.com%2F&ns__t=1620190672160&ns_c=UTF-8

94 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
thjewel.changiairport.com/
Redirect Chain
  • http://thjewel.changiairport.com/
  • https://thjewel.changiairport.com/
270 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
74.114.154.22 Ashburn, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
openresty /
Resource Hash
b953e6cd2b1446a352b04072c35b4dc60a287932b5835545d01457c97dc368cc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: blob: 'unsafe-inline';
Strict-Transport-Security max-age=15552001
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
thjewel.changiairport.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

server
openresty
date
Wed, 05 May 2021 04:57:50 GMT
content-type
text/html; charset=UTF-8
content-length
37193
x-rid
980950fbb76b038aa3f11415d15911a0
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=15552001
content-security-policy
upgrade-insecure-requests; default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: blob: 'unsafe-inline';
x-tumblr-user
yahooth-jewelofchangi
x-tumblr-pixel-0
https://px.srvcs.tumblr.com/impixu?T=1620190670&J=eyJ0eXBlIjoidXJsIiwidXJsIjoiaHR0cDovL3RoamV3ZWwuY2hhbmdpYWlycG9ydC5jb20vIiwicmVxdHlwZSI6MCwicm91dGUiOiIvIn0=&U=ICFELLIPGL&K=dd35a6cc2f44f4a3d048a439524c6e5570d05be82f50b8d1c1f4db4311329ab9--https://px.srvcs.tumblr.com/impixu?T=1620190670&J=eyJ0eXBlIjoicG9zdCIsInVybCI6Imh0dHA6Ly90aGpld2VsLmNoYW5naWFpcnBvcnQuY29tLyIsInJlcXR5cGUiOjAsInJvdXRlIjoiLyIsInBvc3RzIjpbeyJwb3N0aWQiOiIxODgyMTAwNTczODQiLCJibG9naWQiOjQ2MjA2MzY5OSwic291cmNlIjozM30seyJw
x-tumblr-pixel-1
b3N0aWQiOiIxODc0NjA4ODc5MjkiLCJibG9naWQiOjQ2MjA2MzY5OSwic291cmNlIjozM30seyJwb3N0aWQiOiIxODczMDE1MDI0MTQiLCJibG9naWQiOjQ2MjA2MzY5OSwic291cmNlIjozM30seyJwb3N0aWQiOiIxODY4NTc1NDU3MDkiLCJibG9naWQiOjQ2MjA2MzY5OSwic291cmNlIjozM30seyJwb3N0aWQiOiIxODYyOTkxMzc0NzkiLCJibG9naWQiOjQ2MjA2MzY5OSwic291cmNlIjozM30seyJwb3N0aWQiOiIxODYxMzU5NDk3MzQiLCJibG9naWQiOjQ2MjA2MzY5OSwic291cmNlIjozM30seyJwb3N0aWQiOiIxODU0MjU1MTYxMzkiLCJibG9naWQiOjQ2MjA2MzY5OSwic291cmNlIjozM30seyJwb3N0aWQiOiIxODQ1MjMxOTExNDkiLCJibG
x-tumblr-pixel-2
9naWQiOjQ2MjA2MzY5OSwic291cmNlIjozM31dfQ==&U=MDNJCKMDAP&K=db737ae9512d8644163169d800d0d658b44b6870201db4ea5c30301024d33544
x-tumblr-pixel
3
link
<https://64.media.tumblr.com/ebbf8697b37785150ce2a5e405c0d67e/7ece3448eb79a1af-4c/s128x128u_c1/2ba7b8bf75557a2e6ecd12d56243d7f0824dc566.pnj>; rel=icon
x-ua-compatible
IE=Edge,chrome=1
content-encoding
br
x-ua-device
desktop
vary
X-UA-Device, Accept, Accept-Encoding
accept-ranges
bytes

Redirect headers

Server
openresty
Date
Wed, 05 May 2021 04:57:49 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
X-Rid
f60e2d82e633e7270d550ab1cf6a8959
P3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
X-Frame-Options
deny
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15552001
Location
https://thjewel.changiairport.com/#_=_
X-UA-Compatible
IE=Edge,chrome=1
X-UA-Device
desktop
Vary
X-UA-Device, Accept
pre_tumblelog.js
assets.tumblr.com/assets/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.tumblr.com/assets/scripts/pre_tumblelog.js?_v=b9f848c06fcba7eaf305d4a7cb7a1b98
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
cb9f274aca2fcd18d0ab90868d9e1ff24ea00201b7d2695ce454fc53526cae31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

x-nc
HIT cdg 1
date
Wed, 05 May 2021 04:57:50 GMT
content-encoding
br
last-modified
Sat, 01 Aug 2020 05:25:08 GMT
server
nginx
etag
W/"5f24fcb4-c3e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
index.build.css
assets.tumblr.com/client/prod/standalone/blog-network-npf/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.tumblr.com/client/prod/standalone/blog-network-npf/index.build.css?_v=a6c4ad40cdc663ad83f8a1bbc8aeedc6
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
c8a7d71935396f7d4e73146f7318d1567e1a6657e4df196f1702be190c841141
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

x-nc
HIT cdg 1
date
Wed, 05 May 2021 04:57:50 GMT
content-encoding
br
last-modified
Mon, 04 Jan 2021 22:59:53 GMT
server
nginx
etag
W/"5ff39de9-25fe"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		5 KB
741 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,400i,700|Playfair+Display:400i,700i
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
47a38ffaab8c68e1181fab94e88099405f10bd1c6cae5abc8897ff57bb93db7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 May 2021 04:57:50 GMT
server
ESF
date
Wed, 05 May 2021 04:57:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 May 2021 04:57:50 GMT
normalize.css
static.tumblr.com/f6ofgcr/7qLnb7k5a/ 		9 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.tumblr.com/f6ofgcr/7qLnb7k5a/normalize.css
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
ca6f1ff145eadd67f120a65126e98016f996e057cc7f546d2bc546c4038302d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 05 May 2021 04:57:50 GMT
last-modified
Mon, 01 Sep 2014 05:48:47 GMT
server
nginx
etag
"ecb076ff98d726949a69b8ddffa2d035"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
strict-transport-security
max-age=31536000; preload
accept-ranges
bytes
content-length
9606
travelinspiration17_slidr.css
s3-ap-southeast-1.amazonaws.com/yahoos3/TI2017/ 		15 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-1.amazonaws.com/yahoos3/TI2017/travelinspiration17_slidr.css
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.132.114 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5c6569228ec5d1da59f7ec2843028068d3de49c3185034878d981d6ace1578df

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 05 May 2021 04:57:52 GMT
Last-Modified
Mon, 03 Apr 2017 11:34:15 GMT
Server
AmazonS3
x-amz-request-id
QSR9D3DPWEDTEXCN
ETag
"54a7a1de008caf7d858a40d852b98bc7"
x-amz-meta-uid
0
x-amz-meta-gid
0
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-meta-mode
33188
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
14963
x-amz-id-2
IAue5GdzbE4VVysPDtk8taMjlirXGcJHIZmoDP2cfGhP8T0XYdMQbPtPQAiom3TPtyNli/pdohU=
x-amz-meta-mtime
1491218558
travelinspiration17_default_0.1.1.css
s3-ap-southeast-1.amazonaws.com/yahoos3/TI2017/ 		37 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-1.amazonaws.com/yahoos3/TI2017/travelinspiration17_default_0.1.1.css
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.132.114 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
22f43473f6e791253536ae25ef4e024ffe957246fb2ad684c4326b55280588c0

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 05 May 2021 04:57:52 GMT
Last-Modified
Wed, 05 Jul 2017 04:58:11 GMT
Server
AmazonS3
x-amz-request-id
QSRF3VN96NW5MKAM
ETag
"2b1517ce3b216f3a9a4811b1a92fa049"
x-amz-meta-uid
0
x-amz-meta-gid
0
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-meta-mode
33188
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
38050
x-amz-id-2
4rsbulrnpPmWTgMazDaw6D7M/8OkOOFO+F9f2vk9TjZyXuR+id5WaKG9I4D56/sTnLP+8sduGHs=
x-amz-meta-mtime
1499229892
galleria_yahoo.css
static.tumblr.com/f6ofgcr/QU8oew96g/ 		18 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.tumblr.com/f6ofgcr/QU8oew96g/galleria_yahoo.css
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
4d43452439357274b14d7a00a238222c9d7271c297442c5d8d91912566830d45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 05 May 2021 04:57:50 GMT
last-modified
Tue, 11 Oct 2016 17:42:17 GMT
server
nginx
etag
"3a10f12f223e82b049d83fd58f260932"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
strict-transport-security
max-age=31536000; preload
accept-ranges
bytes
content-length
18739
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Wed, 05 May 2021 04:35:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1364
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33018
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 May 2022 04:35:06 GMT
js
www.googletagmanager.com/gtag/ 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-68928646-42
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7abe0c618fc5039eedb18ae7ee521688fec9ac9debc5db050dc2397c01565513
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Wed, 05 May 2021 04:57:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35875
x-xss-protection
0
last-modified
Wed, 05 May 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 May 2021 04:57:51 GMT
tumblelog_post_message_queue.js
assets.tumblr.com/assets/scripts/ 		355 B
250 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.tumblr.com/assets/scripts/tumblelog_post_message_queue.js?_v=a8fadfa499d8cb7c3f8eefdf0b1adfdd
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
ec4317b3c60e5c3f35d9a3662c416d84b0a62b6e11bee8aa70b49eb81937199b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

x-nc
HIT cdg 1
date
Wed, 05 May 2021 04:57:50 GMT
content-encoding
br
last-modified
Tue, 21 Jul 2020 05:06:19 GMT
server
nginx
etag
W/"5f1677cb-163"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
yahoo_logo_white_.png
static.tumblr.com/f6ofgcr/sTYpyhjn3/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.tumblr.com/f6ofgcr/sTYpyhjn3/yahoo_logo_white_.png
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
56a52278d8c6cbca3ca30b0ae2405d84ae816c8d9a5a4478454fd15ee717f266
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

x-nc
MISS hhn 1
date
Wed, 05 May 2021 04:57:52 GMT
last-modified
Fri, 27 Sep 2019 10:25:52 GMT
server
nginx
etag
"b12b58b387ec899e78cf07532c31566d"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
strict-transport-security
max-age=31536000; preload
accept-ranges
bytes
content-length
4474
title_new2.png
static.tumblr.com/f6ofgcr/E8hpqri7n/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.tumblr.com/f6ofgcr/E8hpqri7n/title_new2.png
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
13f8b9a9eff37b2376aa73bfe094aa3e7b07adfeb0e1706811c65fbdbc288271
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

x-nc
MISS hhn 1
date
Wed, 05 May 2021 04:57:52 GMT
last-modified
Tue, 30 Apr 2019 07:02:12 GMT
server
nginx
etag
"0f745375b639d2af634e99db6c3796d2"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
strict-transport-security
max-age=31536000; preload
accept-ranges
bytes
content-length
16988
title_big.png
secure.static.tumblr.com/f6ofgcr/HVGni0lhe/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.static.tumblr.com/f6ofgcr/HVGni0lhe/title_big.png
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
f94b72f5e3e61f5035414debaa28ac552851ef81662b80601c5055a98f4a4e87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

x-nc
MISS cdg 1
date
Wed, 05 May 2021 04:57:52 GMT
last-modified
Sun, 11 Jan 2015 13:29:39 GMT
server
nginx
etag
"012474f16925dd6df79407cd514131ed"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
strict-transport-security
max-age=31536000; preload
accept-ranges
bytes
content-length
8606
packery.pkgd.js
static.tumblr.com/f6ofgcr/hsTosczuy/ 		83 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tumblr.com/f6ofgcr/hsTosczuy/packery.pkgd.js
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
2f153a4344f522ad53159fa59b3899ca12bc2c5eefdb338694f8a67428f74979
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 05 May 2021 04:57:51 GMT
last-modified
Fri, 30 Jun 2017 11:56:59 GMT
server
nginx
etag
"ef19146f4b783f79b772b500632f3f00"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
strict-transport-security
max-age=31536000; preload
accept-ranges
bytes
content-length
84772
jquery.infinitescroll.min.js
static.tumblr.com/f6ofgcr/mobnbae76/ 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tumblr.com/f6ofgcr/mobnbae76/jquery.infinitescroll.min.js
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
5c716b541f4ddccc7b9be7e11b956c77edb05261ac160e4abdc9d72a32f13f2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 05 May 2021 04:57:51 GMT
last-modified
Tue, 02 Sep 2014 18:33:07 GMT
server
nginx
etag
"9fd5b320cee6db894a95bf811ecdb7f0"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
strict-transport-security
max-age=31536000; preload
accept-ranges
bytes
content-length
21555
jquery.sidr.js
static.tumblr.com/f6ofgcr/MTHnv4amx/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tumblr.com/f6ofgcr/MTHnv4amx/jquery.sidr.js
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
1ce701c8370ed363e267233df7c528dc6faa5f2198a97e555ba78322fde7c20d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 05 May 2021 04:57:51 GMT
last-modified
Wed, 23 Sep 2015 06:42:34 GMT
server
nginx
etag
"481d7d1c309e2552dc1d0fd7c7f41bde"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
strict-transport-security
max-age=31536000; preload
accept-ranges
bytes
content-length
9568
cmp3p.js
consent.cmp.oath.com/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cmp.oath.com/cmp3p.js
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:135:155a:23ba:b2a:25ff:122d , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/6775) /
Resource Hash
adf388e42c114b0aa19feeb9510a2a0cdf549c4774dfe770c2e2f4e122387a01

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Wed, 05 May 2021 04:57:51 GMT
content-encoding
gzip
last-modified
Wed, 03 Jun 2020 15:53:49 GMT
server
ECD (frb/6775)
age
1589
etag
"e82e848ea6dfc052ab3b477b75d85aa1+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=3600
x-amz-request-id
63E5PSFRFXB5ECTJ
accept-ranges
bytes
content-length
10237
x-amz-id-2
jvfUwagUeK4mJ9aWiQNzojF5U7oSK67eHBSjlB2X0rvYfZh2XyM4tea55Yv6tFdijKh8aPlRNF0=
expires
Wed, 05 May 2021 05:57:51 GMT
rapid-3.41.3.js
s.yimg.com/ss/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/ss/rapid-3.41.3.js
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
d1a98e7b54eeac4a1d26ce1be3bf0609ab182860466a0149c37a838d243ee9e6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 16:50:55 GMT
content-encoding
gzip
x-amz-meta-created-date
Fri, 16 Sep 2016 18:10:30 GMT
age
475617
x-amz-server-side-encryption
AES256
x-amz-meta-x-ysws-mbst-vtime
1474049430163009
vary
Origin, Accept-Encoding
x-amz-request-id
F5931J5TCBBQJ6TT
x-amz-id-2
VzhPBpimXMYu/ud5sDACU5qxu+CADr/UcrFkgP9I1h+RdW1JDD8vFCz3tzSnAnwAFskPcw42Bmw=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 06 Mar 2018 19:31:52 GMT
server
ATS
etag
"c19eeac64b6dab6def012d3fc92a9b18-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-version-id
null
x-xss-protection
1; mode=block
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-amz-meta-x-ysws-access
public
x-amz-meta-mbst-etag
"YM:1:fa299d77-8211-4d10-a696-e5fc5f46331d00053ca3e0aa8e41"
x-content-type-options
nosniff
expires
Sat, 05 Sep 2026 00:00:00 GMT
rapidworker-1.2.js
s.yimg.com/ss/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/ss/rapidworker-1.2.js
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
f2cfbd195dff011843f93e2d32979f6f07926211cbf3edddc3b708b0bb04c8a2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

ats-carp-promotion
1
date
Tue, 04 May 2021 10:12:33 GMT
content-encoding
gzip
x-amz-meta-created-date
Wed, 15 Oct 2014 18:48:37 GMT
age
67519
x-amz-server-side-encryption
AES256
x-amz-meta-x-ysws-mbst-vtime
1413398917170161
vary
Origin, Accept-Encoding
x-amz-request-id
8EVMZ9Q6F8KNR5EC
x-amz-id-2
+rZU4/t0k9vC6JBb84hfkiObT655O+9Vkw1iqwM3qLKbjrR/7B8PaKOy9gkfd1gJNkpyNx6JxUE=
accept-ranges
bytes
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 06 Mar 2018 20:46:57 GMT
server
ATS
etag
"e2202e6ed6ef52cec2c4a875c99225ba-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-version-id
null
x-xss-protection
1; mode=block
cache-control
max-age=31536000
content-length
6868
content-type
application/javascript
x-amz-meta-x-ysws-access
public
x-amz-meta-mbst-etag
"YM:1:e64293ae-a913-4bb2-8dd1-87431f3be4230005057a946243f1"
x-content-type-options
nosniff
expires
Sat, 05 Sep 2026 00:00:00 GMT
index.build.js
assets.tumblr.com/client/prod/standalone/tumblelog/ 		698 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=f3fb5dbb23253ba13bb13591156de3e0
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
2f327f72cd401b8b8e7ea178af2bbd9c3dff6dc716b7094c205457b1464804be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

x-nc
HIT cdg 1
date
Wed, 05 May 2021 04:57:51 GMT
content-encoding
br
last-modified
Thu, 11 Mar 2021 21:12:23 GMT
server
nginx
etag
W/"604a87b7-ae8a8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/ 		88 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MCFFN6
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4770a058b6e5cca9ccc3a8d5d0c166134284850b068ee9f936c20b713879d969
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Wed, 05 May 2021 04:57:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33392
x-xss-protection
0
last-modified
Wed, 05 May 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 May 2021 04:57:51 GMT
ytc.js
s.yimg.com/wi/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 05 May 2021 04:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
755
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
5581
x-amz-id-2
mQ9aDphHluYDSCTCuKawPSXU8vXlNybjD83t7LwyrQAGE6vNbKV0QuuX7cX+z4NcEXOGb4ICvV4=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sat, 30 Oct 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Thu, 24 Sep 2020 23:08:16 GMT
server
ATS
etag
"49db10c8315384e8dad2e92a6841ed81-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
95RS5A6ESZC7Q3WK
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
swANRqp_TdPZf97XDKuCKoVnrp7c.h.0
accept-ranges
bytes
content-type
application/javascript
activityi;dc_pre=CJP-mszgsfACFbTyuwgdmfYHtg;src=6071807;type=cag1875a;cat=cag19000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
6071807.fls.doubleclick.net/ Frame 215A
Redirect Chain
  • https://6071807.fls.doubleclick.net/activityi;src=6071807;type=cag1875a;cat=cag19000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
  • https://6071807.fls.doubleclick.net/activityi;dc_pre=CJP-mszgsfACFbTyuwgdmfYHtg;src=6071807;type=cag1875a;cat=cag19000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
496 B
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://6071807.fls.doubleclick.net/activityi;dc_pre=CJP-mszgsfACFbTyuwgdmfYHtg;src=6071807;type=cag1875a;cat=cag19000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f102.1e100.net
Software
cafe /
Resource Hash
b3a05ceb70ae54f67410af70b7ad9c37812d656a294932eafd35d0b6b9f63699
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6071807.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CJP-mszgsfACFbTyuwgdmfYHtg;src=6071807;type=cag1875a;cat=cag19000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thjewel.changiairport.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Referer
https://thjewel.changiairport.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 05 May 2021 04:57:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
379
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 05-May-2021 05:12:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 05 May 2021 04:57:52 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://6071807.fls.doubleclick.net/activityi;dc_pre=CJP-mszgsfACFbTyuwgdmfYHtg;src=6071807;type=cag1875a;cat=cag19000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
banner.jpg
static.tumblr.com/f6ofgcr/CdXpq3qjs/ 		177 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.tumblr.com/f6ofgcr/CdXpq3qjs/banner.jpg
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
44e911ce9b6ce9ced8d252bdc71ccbd8abc3a96889129059f2aea8d43d36dc77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

x-nc
MISS hhn 1
date
Wed, 05 May 2021 04:57:51 GMT
last-modified
Wed, 17 Apr 2019 10:59:53 GMT
server
nginx
etag
"3f38fb86036a74c2a282f29d26167b15"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
strict-transport-security
max-age=31536000; preload
accept-ranges
bytes
content-length
180777
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700|Playfair+Display:400i,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://thjewel.changiairport.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 15:44:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
479624
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
expires
Fri, 29 Apr 2022 15:44:07 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700|Playfair+Display:400i,700i
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://thjewel.changiairport.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Tue, 04 May 2021 21:58:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:05 GMT
server
sffe
age
25179
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23248
x-xss-protection
0
expires
Wed, 04 May 2022 21:58:12 GMT
eu
service.cmp.oath.com/cmp/v0/location/ 		15 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.cmp.oath.com/cmp/v0/location/eu
Requested by
Host: assets.tumblr.com
URL: https://assets.tumblr.com/assets/scripts/pre_tumblelog.js?_v=b9f848c06fcba7eaf305d4a7cb7a1b98
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:135:155a:23ba:b2a:25ff:122d , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (dcc/4342) /
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
server
ECD (dcc/4342)
date
Wed, 05 May 2021 04:57:51 GMT
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://thjewel.changiairport.com
cache-control
no-cache
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
yql
geo.query.yahoo.com/v1/public/ 		281 B
892 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geo.query.yahoo.com/v1/public/yql?yhlVer=2&yhlClient=rapid&yhlS=2145146537&yhlCT=2&yhlBTMS=1620190671850&yhlClientVer=3.41.3&yhlRnd=06JF8p5Ox5fFTHjL&yhlCompressed=0
Requested by
Host: assets.tumblr.com
URL: https://assets.tumblr.com/assets/scripts/pre_tumblelog.js?_v=b9f848c06fcba7eaf305d4a7cb7a1b98
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
7f68db4c076235a413a0d50e81528c4ffd24501dd05379c2ba86ea5ac5d2a9cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 05 May 2021 04:57:51 GMT
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
p3p
policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
access-control-allow-origin
https://thjewel.changiairport.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
strict-transport-security
max-age=31536000
content-type
text/plain;charset=iso-8859-1
content-length
281
expires
Wed, 01 Mar 1995 00:00:00 GMT
analytics.html
assets.tumblr.com/ Frame 6775 		6 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.tumblr.com/analytics.html?_v=9f5febfd57a8a649c598d888f2d9e062
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
1f1c3c925c904327278383e58adcee525873348cfeb5347cd26de104a1e26dbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload max-age=31536000; preload

Request headers

:method
GET
:authority
assets.tumblr.com
:scheme
https
:path
/analytics.html?_v=9f5febfd57a8a649c598d888f2d9e062
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thjewel.changiairport.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Referer
https://thjewel.changiairport.com/

Response headers

server
nginx
date
Wed, 05 May 2021 04:57:51 GMT
content-type
text/html; charset=utf-8
last-modified
Sat, 01 Aug 2020 04:59:19 GMT
vary
Accept-Encoding
etag
W/"5f24f6a7-1664"
content-encoding
br
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000 immutable
strict-transport-security
max-age=31536000; preload max-age=31536000; preload
timing-allow-origin
*
x-nc
HIT cdg 1
access-control-allow-origin
*
impixu
px.srvcs.tumblr.com/ 		95 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.srvcs.tumblr.com/impixu?T=1620190670&J=eyJ0eXBlIjoidXJsIiwidXJsIjoiaHR0cDovL3RoamV3ZWwuY2hhbmdpYWlycG9ydC5jb20vIiwicmVxdHlwZSI6MCwicm91dGUiOiIvIn0=&U=MPHICKGBON&K=6f005c623b0d75d51188bf3d12743454ef2720de8d55199e4de9a49656a5ff38&R=
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 04:57:51 GMT
server
nginx
strict-transport-security
max-age=31536000; preload
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
image/png
content-length
95
impixu
px.srvcs.tumblr.com/ 		95 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.srvcs.tumblr.com/impixu?T=1620190670&J=eyJ0eXBlIjoicG9zdCIsInVybCI6Imh0dHA6Ly90aGpld2VsLmNoYW5naWFpcnBvcnQuY29tLyIsInJlcXR5cGUiOjAsInJvdXRlIjoiLyIsInBvc3RzIjpbeyJwb3N0aWQiOiIxODgyMTAwNTczODQiLCJibG9naWQiOjQ2MjA2MzY5OSwic291cmNlIjozM30seyJwb3N0aWQiOiIxODc0NjA4ODc5MjkiLCJibG9naWQiOjQ2MjA2MzY5OSwic291cmNlIjozM30seyJwb3N0aWQiOiIxODczMDE1MDI0MTQiLCJibG9naWQiOjQ2MjA2MzY5OSwic291cmNlIjozM30seyJwb3N0aWQiOiIxODY4NTc1NDU3MDkiLCJibG9naWQiOjQ2MjA2MzY5OSwic291cmNlIjozM30seyJwb3N0aWQiOiIxODYyOTkxMzc0NzkiLCJibG9naWQiOjQ2MjA2MzY5OSwic291cmNlIjozM30seyJwb3N0aWQiOiIxODYxMzU5NDk3MzQiLCJibG9naWQiOjQ2MjA2MzY5OSwic291cmNlIjozM30seyJwb3N0aWQiOiIxODU0MjU1MTYxMzkiLCJibG9naWQiOjQ2MjA2MzY5OSwic291cmNlIjozM30seyJwb3N0aWQiOiIxODQ1MjMxOTExNDkiLCJibG9naWQiOjQ2MjA2MzY5OSwic291cmNlIjozM31dfQ==&U=HGELEILDLL&K=49610f5d16b44b68740b635f8295c42d166f2185aca87ca2061f7b71f2948253&R=
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 04:57:52 GMT
server
nginx
strict-transport-security
max-age=31536000; preload
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
image/png
content-length
95
showads.js
thjewel.changiairport.com/assets/scripts/tumblr/dashboard/ 		0
286 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thjewel.changiairport.com/assets/scripts/tumblr/dashboard/showads.js
Requested by
Host: assets.tumblr.com
URL: https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=f3fb5dbb23253ba13bb13591156de3e0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
74.114.154.22 Ashburn, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/assets/scripts/tumblr/dashboard/showads.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
thjewel.changiairport.com
referer
https://thjewel.changiairport.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

pragma
public
date
Wed, 05 May 2021 04:57:51 GMT
last-modified
Fri, 23 Apr 2021 05:17:42 GMT
server
openresty
etag
"60825876-0"
vary
X-UA-Device, Accept
content-type
application/javascript; charset=utf-8
x-ua-device
desktop
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate, immutable
accept-ranges
bytes
content-length
0
expires
Thu, 31 Dec 2037 23:55:55 GMT
login_check.html
assets.tumblr.com/assets/html/iframe/ Frame 4B81 		624 B
268 B 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.tumblr.com/assets/html/iframe/login_check.html?_v=3de94a184d600617102ddd5b48fb36e9
Requested by
Host: assets.tumblr.com
URL: https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=f3fb5dbb23253ba13bb13591156de3e0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
2757656f4ab0d64d888fffac135980d6d7ef42fed60814c61e35f44b2d560cd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload max-age=31536000; preload

Request headers

:method
GET
:authority
assets.tumblr.com
:scheme
https
:path
/assets/html/iframe/login_check.html?_v=3de94a184d600617102ddd5b48fb36e9
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thjewel.changiairport.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Referer
https://thjewel.changiairport.com/

Response headers

server
nginx
date
Wed, 05 May 2021 04:57:51 GMT
content-type
text/html; charset=utf-8
last-modified
Tue, 21 Jul 2020 05:06:19 GMT
vary
Accept-Encoding
etag
W/"5f1677cb-270"
content-encoding
br
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000 immutable
strict-transport-security
max-age=31536000; preload max-age=31536000; preload
timing-allow-origin
*
x-nc
HIT cdg 1
access-control-allow-origin
*
g.gif
pixel.wp.com/ 		50 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=tumblr&tid=3&rand=3835480&_ts=1620190671890&ref=https%3A%2F%2Fthjewel.changiairport.com%2F
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Wed, 05 May 2021 04:57:51 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
client.php
fc.yahoo.com/sdarla/php/ 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fc.yahoo.com/sdarla/php/client.php?l=MAST{dest:MASTAD;asz:970x250},MON{dest:MONAD;asz:300x600}&f=1197762640
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
34d318c99068596e4b2e3dbc938ca029d2706f1d9fac55e0a87c706db15d1b3e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Wed, 05 May 2021 04:57:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3
x-dns-prefetch-control
off
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
vary
Accept-Encoding
content-length
12566
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
text/javascript;charset=UTF-8
cache-control
private,no-cache,no-store
x-robots-tag
noindex, noarchive, nosnippet, nofollow
f9207e765d9d4cdcffe642169044c44f8d032f4a.png
64.media.tumblr.com/d59330229a2016e2a9380d099668460d/7b01474a478fa40e-ba/s640x960/ 		253 KB
253 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://64.media.tumblr.com/d59330229a2016e2a9380d099668460d/7b01474a478fa40e-ba/s640x960/f9207e765d9d4cdcffe642169044c44f8d032f4a.png
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
8fda1126c61e6a0d1ae6fd99a0d290352ac714bc44965e358ad0176bff6ce5ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

x-nc
MISS cdg 7
date
Wed, 05 May 2021 04:57:52 GMT
last-modified
Fri, 11 Dec 2020 04:04:40 GMT
server
nginx
x-frames
1
etag
"d9278159069c042aee8ee5a40209003d-1498089600-b0c04ff"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="tumblr_d59330229a2016e2a9380d099668460d_f9207e76_640.png"
strict-transport-security
max-age=31536000; preload
timing-allow-origin
*
content-length
258706
96a9ac9f36ec36ee3d69caa1cd2a0f6f56535e60.jpg
64.media.tumblr.com/bd927699edf424188b693c8b7c148996/84a7a9cfd690ea20-96/s640x960/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://64.media.tumblr.com/bd927699edf424188b693c8b7c148996/84a7a9cfd690ea20-96/s640x960/96a9ac9f36ec36ee3d69caa1cd2a0f6f56535e60.jpg
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
fc2785c46bfd8d9a9c13c46ac59b46e9688744176365b16a89d15e94e974f605
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

x-nc
MISS cdg 1
date
Wed, 05 May 2021 04:57:52 GMT
last-modified
Fri, 11 Dec 2020 04:04:40 GMT
server
nginx
x-frames
1
etag
"99861abf488ddb34696e6be62089f1c6-1498089600-b0c04ff"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="tumblr_bd927699edf424188b693c8b7c148996_96a9ac9f_640.jpg"
strict-transport-security
max-age=31536000; preload
timing-allow-origin
*
content-length
109110
Jewelcanopy.gif
s.yimg.com/cv/apiv2/default/20190417/cag/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/cv/apiv2/default/20190417/cag/Jewelcanopy.gif
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
c9d4ddded3e177fc351d042d51550efc48e0d7a3a4b5632a30319b6d10d492cc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Wed, 05 May 2021 04:57:53 GMT
x-content-type-options
nosniff
age
2
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=15552000
content-length
2289533
x-amz-id-2
yENYsCPdypOXwPwnNvV6cwvQ2AmU3IV+JnaOwmnboI8aL0vCq4b+3nMrLITnyiV3s+DslVw9dQk=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 20 Sep 2019 03:26:52 GMT
server
ATS
etag
"221d7e28a2e6f3455b3cdc24794eaa95"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
x-amz-request-id
MQJ1V90MX8RSP8EM
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/gif
Jeweltravelsquad_updated_2.gif
s.yimg.com/cv/apiv2/default/20190417/cag/ 		230 KB
231 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/cv/apiv2/default/20190417/cag/Jeweltravelsquad_updated_2.gif
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
ef592ed6c7f9d5cba994f2a561677e336c27cd9a4706d87ae79160b6fa841a7e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Wed, 05 May 2021 04:57:53 GMT
x-content-type-options
nosniff
age
2
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=15552000
content-length
235898
x-amz-id-2
biHYkPtnU5IS3Fno6PeebISOPABnc3ZxcCI9o0cCnWmq3vCKo9LT+weKK0Lz+R7tHNjnvq2A5aw=
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Sep 2019 07:28:42 GMT
server
ATS
etag
"8befd1b4df3c06829adab19253d84153"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
x-amz-request-id
MQJ10GAX03AVSAJ3
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/gif
207b56df57ed01947d5b15338c38c5655518585a.jpg
64.media.tumblr.com/71926f645fccedbeb9f7e9cb7538380f/aab8a8086d303240-02/s640x960/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://64.media.tumblr.com/71926f645fccedbeb9f7e9cb7538380f/aab8a8086d303240-02/s640x960/207b56df57ed01947d5b15338c38c5655518585a.jpg
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
00c3d727f4c51b8f9487e242fc67713c46694e47714da0dab499b1322eb73c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

x-nc
MISS cdg 7
date
Wed, 05 May 2021 04:57:52 GMT
last-modified
Fri, 11 Dec 2020 04:04:37 GMT
server
nginx
x-frames
1
etag
"21ab1fcd2917cf7cf57fc1df1ae10215-1498089600-b0c04ff"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="tumblr_71926f645fccedbeb9f7e9cb7538380f_207b56df_640.jpg"
strict-transport-security
max-age=31536000; preload
timing-allow-origin
*
content-length
98375
93df888d93ae893427538d76afdeac2fad493cae.jpg
64.media.tumblr.com/2904f75e6a741bcda7a5bf7cc3460aa4/849f4d4f62cc4f44-95/s640x960/ 		195 KB
195 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://64.media.tumblr.com/2904f75e6a741bcda7a5bf7cc3460aa4/849f4d4f62cc4f44-95/s640x960/93df888d93ae893427538d76afdeac2fad493cae.jpg
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
9d013836d140b99ca48527a0fb33719b08826f87052d64660116c0306f6d714b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

x-nc
MISS cdg 1
date
Wed, 05 May 2021 04:57:52 GMT
last-modified
Sun, 13 Dec 2020 02:48:24 GMT
server
nginx
x-frames
1
etag
"9766a433e3ce95a578cc96a00f5e5431-1498089600-b0c04ff"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="tumblr_2904f75e6a741bcda7a5bf7cc3460aa4_93df888d_640.jpg"
strict-transport-security
max-age=31536000; preload
timing-allow-origin
*
content-length
199608
tumblr_inline_ptahyqejo51t3kw0f_640.jpg
64.media.tumblr.com/0457456ad8e9fcc40145eb1e4fd70cd2/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://64.media.tumblr.com/0457456ad8e9fcc40145eb1e4fd70cd2/tumblr_inline_ptahyqejo51t3kw0f_640.jpg
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
1e699eb46177b51496bd8a2d28148ae9142cee43d1cdced818294cdcc1526970
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

x-nc
MISS cdg 4
date
Wed, 05 May 2021 04:57:52 GMT
last-modified
Mon, 14 Dec 2020 12:10:55 GMT
server
nginx
x-frames
1
etag
"e001fd961ea2913f9cdd1b566c66a6d0-1498089600-21d6383"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; preload
timing-allow-origin
*
content-length
99303
ill_bandit.jpg
s.yimg.com/cv/apiv2/default/cag/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/cv/apiv2/default/cag/ill_bandit.jpg
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
52a56fc70013d3198b29e2367c6704bb11f620153160c82e082157bc9f5bf204
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Wed, 05 May 2021 04:57:53 GMT
x-content-type-options
nosniff
age
1
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=15552000
content-length
1079307
x-amz-id-2
+wLLqcU/A+KYvAF0zijtwdCm9muEytDfz93/Kpf+neG7KOqxeepxL8OcnHV1VL+d4SvaAa+DRkI=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 10 May 2019 04:04:43 GMT
server
ATS
etag
"da528933b53f42ddcf631b12c6e11911"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
x-amz-request-id
MQJBYA0C2XXPCDZM
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
16px_on_transparent.gif
static.tumblr.com/f6ofgcr/jHXnesdq5/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.tumblr.com/f6ofgcr/jHXnesdq5/16px_on_transparent.gif
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
6e1ef1e35e2d2d2a9fd12c773f8cf7a9224bc42e6a9c447cb685804d6920a5b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 05 May 2021 04:57:51 GMT
last-modified
Sun, 09 Nov 2014 19:20:30 GMT
server
nginx
etag
"1441073206d92f6ed62796a91eb09451"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
strict-transport-security
max-age=31536000; preload
accept-ranges
bytes
content-length
1737
428726.json
s.yimg.com/wi/config/ 		44 B
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/428726.json
Requested by
Host: assets.tumblr.com
URL: https://assets.tumblr.com/assets/scripts/pre_tumblelog.js?_v=b9f848c06fcba7eaf305d4a7cb7a1b98
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
b69c2c9b650280c60eda7e10d544a5bd6aa4cc082088c90fe94282fbf757e71d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Wed, 05 May 2021 04:57:53 GMT
x-content-type-options
nosniff
age
2
x-amz-server-side-encryption
AES256
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
MQJ2AX13KBZ065FA
x-amz-id-2
9C7ay4FEs2kAMV1z0nVR0l2XT/sz2XCHWMBbE6BSdsNsr7NGSDvAjfZjRrDexQDTRGvorj0wpyA=
accept-ranges
bytes
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sun, 13 Mar 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Fri, 05 Feb 2021 19:30:39 GMT
server
ATS
etag
"910ced7c37874621e8795fb6c30dcbe9"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
x-amz-version-id
knun0EgeHS5lPXmRDT7gKg8A72P755rg
access-control-allow-origin
*
x-xss-protection
1; mode=block
content-length
44
content-type
application/octet-stream
10078762.json
s.yimg.com/wi/config/ 		2 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10078762.json
Requested by
Host: assets.tumblr.com
URL: https://assets.tumblr.com/assets/scripts/pre_tumblelog.js?_v=b9f848c06fcba7eaf305d4a7cb7a1b98
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Wed, 05 May 2021 04:57:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id
MQJ9RBGNHTN12C0W
x-amz-id-2
0k6xXdDRH/ZAFIjjj+XPkwYMskW+DpDsQkoS9f/9DQIhTUbSIJz6pwq4cDX45GzyYVANQmziy6M=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
22
cmpui.html
s3-ap-southeast-1.amazonaws.com/yahoos3/gdpr/ Frame C8E9 		485 B
974 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-1.amazonaws.com/yahoos3/gdpr/cmpui.html
Requested by
Host: consent.cmp.oath.com
URL: https://consent.cmp.oath.com/cmp3p.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.132.114 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d326a48279f647e8da46a116ddf24c520df730bef292c7b2b58c4dcc4cebedbf

Request headers

Host
s3-ap-southeast-1.amazonaws.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://thjewel.changiairport.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Referer
https://thjewel.changiairport.com/

Response headers

x-amz-id-2
5BmkKnyfD0qaFlnUq2zBFiwh2lSKUaT7zWGkcpS2X0yTzuFt1Kl0sdLiXOLZ+aiYZWWhrRSqJ/Q=
x-amz-request-id
MQJ1B90DC2G9N9WZ
Date
Wed, 05 May 2021 04:57:53 GMT
Last-Modified
Mon, 17 Sep 2018 13:30:47 GMT
ETag
"a657a41213b53603f507afcb9ae775a3"
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-meta-mode
33188
x-amz-meta-gid
0
x-amz-meta-uid
0
x-amz-meta-mtime
1537191207
Accept-Ranges
bytes
Content-Type
text/html
Content-Length
485
Server
AmazonS3
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-68928646-42
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
2320
date
Wed, 05 May 2021 04:19:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Wed, 05 May 2021 06:19:11 GMT
consent
www.tumblr.com/dashboard/iframe/ Frame A1C3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tumblr.com/dashboard/iframe/consent
Requested by
Host: assets.tumblr.com
URL: https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=f3fb5dbb23253ba13bb13591156de3e0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
3d3bb581cac6eed57c580786722e0d5b4b04f9e720bf2c3d2a4ef311b679d1fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.tumblr.com
:scheme
https
:path
/dashboard/iframe/consent
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thjewel.changiairport.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Referer
https://thjewel.changiairport.com/

Response headers

server
nginx
date
Wed, 05 May 2021 04:57:52 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-rid
f94b24c96b64f409a15295917e127fc5
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
content-security-policy-report-only
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com/beacon.js https://ssl.google-analytics.com/ga.js https://www.google-analytics.com/analytics.js https://fc.yahoo.com/sdarla/php/client.php https://s.yimg.com/rq/darla/ https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.gemini.yahoo.com https://s.yimg.com/av/gemini/ga/gemini-iframe.js https://s.yimg.com/av/curveball/ https://*.quantserve.com https://*.quantcount.com https://quantcast.mgr.consensu.org 'unsafe-eval' 'nonce-kjQejdYJwnVvdaiKVHpP0OcCI'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports;
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
cache-control
no-cache, must-revalidate
x-robots-tag
noindex
x-ua-compatible
IE=Edge,chrome=1
content-encoding
br
strict-transport-security
max-age=31536000; preload
cs.js
sb.scorecardresearch.com/internal-c2/15742520/ Frame 6775
Redirect Chain
  • https://sb.scorecardresearch.com/c2/15742520/cs.js
  • https://sb.scorecardresearch.com/internal-c2/15742520/cs.js
1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/15742520/cs.js
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.84.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a31095a30fadc425e1c17ca305f2bbec505a43f618815644eff72f5cbbb5eaf9

Request headers

Referer
https://assets.tumblr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Wed, 05 May 2021 04:57:31 GMT
via
1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
etag
"2f3ffc2cc5f49ff261bf57ee6585a8b7"
last-modified
Mon, 01 Mar 2021 20:41:02 GMT
server
AmazonS3
age
41
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
1420
x-amz-cf-id
gsBMixS8viHxF3KyBmNnU_qoFQm2bSVo3J_3LnRNC2e9e8r0PPmw7w==

Redirect headers

date
Wed, 05 May 2021 04:57:52 GMT
via
1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-c2/15742520/cs.js
content-length
49
x-amz-cf-id
K3qK4E6Jz3HxZ-Dp4wh8mgLKHHDnw9xclwvjfd7UzOwzHI5GL2c8TA==
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=89911718&t=pageview&_s=1&dl=https%3A%2F%2Fthjewel.changiairport.com%2F&ul=en-us&de=UTF-8&dt=Yahoo%20Thailand%20-%20Jewel%20of%20Changi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1600616438&gjid=104259768&cid=2046527393.1620190672&tid=UA-68928646-42&_gid=800185119.1620190672&_r=1&gtm=2ou4l3&z=1414344312
Requested by
Host: assets.tumblr.com
URL: https://assets.tumblr.com/assets/scripts/pre_tumblelog.js?_v=b9f848c06fcba7eaf305d4a7cb7a1b98
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 May 2021 04:57:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thjewel.changiairport.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-68928646-42&cid=2046527393.1620190672&jid=1600616438&gjid=104259768&_gid=800185119.1620190672&_u=YEBAAUAAAAAAAC~&z=405938307
Requested by
Host: assets.tumblr.com
URL: https://assets.tumblr.com/assets/scripts/pre_tumblelog.js?_v=b9f848c06fcba7eaf305d4a7cb7a1b98
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 05 May 2021 04:57:52 GMT
content-type
text/plain
access-control-allow-origin
https://thjewel.changiairport.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
header.build.js
assets.tumblr.com/client/prod/app/ Frame A1C3 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.tumblr.com/client/prod/app/header.build.js?_v=6916a2c5f42854026c25988ac3e9c4d8
Requested by
Host: www.tumblr.com
URL: https://www.tumblr.com/dashboard/iframe/consent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
9064f4ab926b5e7502267116168d45ca724a843f9e4e6600941c947985b9af7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Origin
https://www.tumblr.com
Referer
https://www.tumblr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 05 May 2021 04:57:52 GMT
content-encoding
br
last-modified
Fri, 30 Apr 2021 14:57:57 GMT
server
nginx
etag
W/"608c1af5-17cd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
exceptions.js
assets.tumblr.com/assets/scripts/tumblr/utils/ Frame A1C3 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.tumblr.com/assets/scripts/tumblr/utils/exceptions.js?_v=45347cc9cdb76e3c2b754e6bb06e8e20
Requested by
Host: www.tumblr.com
URL: https://www.tumblr.com/dashboard/iframe/consent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
e80adb39fa3b780a43c41c8ffa80cc3fe6ec84f858d7a671f6c5ff5d79342d87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Origin
https://www.tumblr.com
Referer
https://www.tumblr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 05 May 2021 04:57:52 GMT
content-encoding
br
last-modified
Sun, 01 Nov 2020 05:26:34 GMT
server
nginx
etag
W/"5f9e470a-1500"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
index.build.js
assets.tumblr.com/client/prod/standalone/tumblelog/ Frame A1C3 		698 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=f3fb5dbb23253ba13bb13591156de3e0
Requested by
Host: www.tumblr.com
URL: https://www.tumblr.com/dashboard/iframe/consent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
2f327f72cd401b8b8e7ea178af2bbd9c3dff6dc716b7094c205457b1464804be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Origin
https://www.tumblr.com
Referer
https://www.tumblr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 05 May 2021 04:57:52 GMT
content-encoding
br
last-modified
Thu, 11 Mar 2021 21:12:23 GMT
server
nginx
etag
W/"604a87b7-ae8a8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
ga-audiences
www.google.com/ads/ 		42 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-68928646-42&cid=2046527393.1620190672&jid=1600616438&_u=YEBAAUAAAAAAAC~&z=478032901
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 04:57:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-68928646-42&cid=2046527393.1620190672&jid=1600616438&_u=YEBAAUAAAAAAAC~&z=478032901
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 04:57:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b2
sb.scorecardresearch.com/ Frame 6775
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=15742520&c4=https%3A%2F%2Fthjewel.changiairport.com%2F&ns__t=1620190672160&ns_c=UTF-8
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15742520&c4=https%3A%2F%2Fthjewel.changiairport.com%2F&ns__t=1620190672160&ns_c=UTF-8
64 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=15742520&c4=https%3A%2F%2Fthjewel.changiairport.com%2F&ns__t=1620190672160&ns_c=UTF-8
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.84.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://assets.tumblr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Wed, 05 May 2021 04:57:52 GMT
via
1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
E8FDdyzgezitR7uTeLuk2NDAi1KnPXwGu_2Oh_5QhcUY6s7gxHBlEg==

Redirect headers

date
Wed, 05 May 2021 04:57:52 GMT
via
1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=15742520&c4=https%3A%2F%2Fthjewel.changiairport.com%2F&ns__t=1620190672160&ns_c=UTF-8
content-length
151
x-amz-cf-id
m4ZJyHRj22Zmm51YRn4IL1rcXp7aKO1GMX0cApCFzLxqaKlAgFGBbQ==
b2
sb.scorecardresearch.com/ Frame 6775
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=15742520&c4=https%3A%2F%2Fthjewel.changiairport.com%2F&ns__t=1620190672160&ns_c=UTF-8
  • https://sb.scorecardresearch.com/b2?c1=2&c2=15742520&c4=https%3A%2F%2Fthjewel.changiairport.com%2F&ns__t=1620190672160&ns_c=UTF-8
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=15742520&c4=https%3A%2F%2Fthjewel.changiairport.com%2F&ns__t=1620190672160&ns_c=UTF-8
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.84.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://assets.tumblr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Wed, 05 May 2021 04:57:52 GMT
via
1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
K6nwex2l36ndc7RlXcO8cZ8ToswrAkTDXZpvXmjrpq_18kZyJTBmYA==

Redirect headers

date
Wed, 05 May 2021 04:57:52 GMT
via
1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=15742520&c4=https%3A%2F%2Fthjewel.changiairport.com%2F&ns__t=1620190672160&ns_c=UTF-8
content-length
151
x-amz-cf-id
8Vc_9TKP6MsaotoylXyA2NfD2CcZUMseoerWTwPqmRCgpfccmi2MYg==
boot.js
s.yimg.com/rq/darla/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/rq/darla/boot.js
Requested by
Host: fc.yahoo.com
URL: https://fc.yahoo.com/sdarla/php/client.php?l=MAST{dest:MASTAD;asz:970x250},MON{dest:MONAD;asz:300x600}&f=1197762640
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
fcbaeadfffc791269a437216ee74bc95aabf4a2ee0a61b152e302a973e78fe63
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

ats-carp-promotion
1
date
Tue, 04 May 2021 15:53:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47039
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
3608
x-amz-id-2
8XlBbejXCcONeme1Ygl9QdOg+h8oqLUBhPrnFTDmPC28Ob1MQJz6Pt28w043wKPAj8FkOGfhgaI=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 08 Apr 2021 18:32:56 GMT
server
ATS
etag
"06346d00bce3015d21a196043c398a1b-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
NVDH7KJTR0FKJD5Y
x-xss-protection
1; mode=block
cache-control
public,max-age=86400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
cdn.json
assets.tumblr.com/delivery/ Frame A1C3 		20 B
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets.tumblr.com/delivery/cdn.json
Requested by
Host: assets.tumblr.com
URL: https://assets.tumblr.com/assets/scripts/tumblr/utils/exceptions.js?_v=45347cc9cdb76e3c2b754e6bb06e8e20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
43784b4ea8777982fe196812e1fa6ae1483e88bddd94dc377099bb913529a678
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
https://www.tumblr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 05 May 2021 04:57:52 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
g-r-min.js
s.yimg.com/rq/darla/4-8-0/js/ 		203 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/rq/darla/4-8-0/js/g-r-min.js
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/boot.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
9626a3ccc1114446c855c33931928ac95d0a0287566d37129b36a190800ecc51
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 08 Apr 2021 18:49:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2282928
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
87834
x-amz-id-2
j16BUerrmKOXBrgLB4j1GeoWm27ICk5v7J3Ooqqn7UyrXPXNq/TeKuFqH4i/+12WFcuOSZ5OhIA=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 08 Apr 2021 18:33:00 GMT
server
ATS
etag
"8b572948cbdd2baf5f540d9955656397-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
QH7QKW7CSHFHQPEY
x-xss-protection
1; mode=block
cache-control
public,max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
cmpui.js
s3-ap-southeast-1.amazonaws.com/yahoos3/gdpr/ Frame C8E9 		377 KB
378 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-1.amazonaws.com/yahoos3/gdpr/cmpui.js
Requested by
Host: s3-ap-southeast-1.amazonaws.com
URL: https://s3-ap-southeast-1.amazonaws.com/yahoos3/gdpr/cmpui.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.132.114 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d7b964b842b9ad0410355d59621acd1b28815a9b9bf746bd03d7af7af3f9791a

Request headers

Referer
https://s3-ap-southeast-1.amazonaws.com/yahoos3/gdpr/cmpui.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 05 May 2021 04:57:53 GMT
Last-Modified
Mon, 17 Sep 2018 13:33:37 GMT
Server
AmazonS3
x-amz-request-id
MQJA2QCC4MVVY533
ETag
"bd89f107e8d17941591cbb29aff535d1"
x-amz-meta-uid
0
x-amz-meta-gid
0
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-meta-mode
33188
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
386528
x-amz-id-2
nzAdpViV6Ouwu7dF1qw1tcuWaQ3PXcLL4yda3CIYuYYZUxX0Yv5POOCJ+oDqASedPuLl8F9uPhs=
x-amz-meta-mtime
1537191377
cmpui.css
s3-ap-southeast-1.amazonaws.com/yahoos3/gdpr/ Frame C8E9 		39 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-1.amazonaws.com/yahoos3/gdpr/cmpui.css
Requested by
Host: s3-ap-southeast-1.amazonaws.com
URL: https://s3-ap-southeast-1.amazonaws.com/yahoos3/gdpr/cmpui.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.132.114 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
3bf145f4211f66515359acef4b5b1e3ad785d1510328f63f5ef48f090399e434

Request headers

Referer
https://s3-ap-southeast-1.amazonaws.com/yahoos3/gdpr/cmpui.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 05 May 2021 04:57:53 GMT
Last-Modified
Mon, 17 Sep 2018 13:35:55 GMT
Server
AmazonS3
x-amz-request-id
MQJ1E76DGJZHYTR1
ETag
"07d74aca9aef9b0ee1ddd9d1d0d3f077"
x-amz-meta-uid
0
x-amz-meta-gid
0
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-meta-mode
33188
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
40210
x-amz-id-2
jkBZOmvQ6pWlukgidy/NZqEL+N5pl1eblXh67xKC+7/5KCwPD3Nxye2ii8OYfJ+WfRcmWLIEFgE=
x-amz-meta-mtime
1537191516
r-csc.html
s.yimg.com/rq/darla/4-8-0/html/ Frame 8CF5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/rq/darla/4-8-0/html/r-csc.html
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-8-0/js/g-r-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
3f1fdef4f502d2db072df997a1b83e977c3e257521551a9e4de98b1c28fa8a39
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
s.yimg.com
:scheme
https
:path
/rq/darla/4-8-0/html/r-csc.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thjewel.changiairport.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Referer
https://thjewel.changiairport.com/

Response headers

x-amz-id-2
kCZpjJQMnH92rTOhzZ4RV6K9oysyNEHp+oaknnXcH6lU7Pwiz2Un6necG5ncfYm/lDhVSHl5GSA=
x-amz-request-id
M9NNYC3B30V1TNJ1
date
Wed, 05 May 2021 03:10:51 GMT
last-modified
Thu, 08 Apr 2021 18:32:57 GMT
etag
"1ff9b6e511ccd76562520a75bae161d2-df"
x-amz-server-side-encryption
AES256
cache-control
public,max-age=31536000
accept-ranges
bytes
content-type
text/html; charset=utf-8
server
ATS
referrer-policy
no-referrer-when-downgrade
vary
Origin, Accept-Encoding
content-encoding
gzip
content-length
1160
age
6423
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
x-content-type-options
nosniff
r-sf.html
s.yimg.com/rq/darla/4-8-0/html/ Frame 6D21 		2 KB
951 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/rq/darla/4-8-0/html/r-sf.html
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-8-0/js/g-r-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
7ef751a44c2db01056cbdd8e5dc3772ccc817783a190224c49a55c77ad429efd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
s.yimg.com
:scheme
https
:path
/rq/darla/4-8-0/html/r-sf.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thjewel.changiairport.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Referer
https://thjewel.changiairport.com/

Response headers

x-amz-id-2
iAljhDRB7ErjpQDEXXducMAoz/kYhyGBzqdFUWhQ6pJJiCgjs1H/BGDymdsEg70vmIIWc9eE0qo=
x-amz-request-id
AK9941VK6VQRN9HN
date
Mon, 26 Apr 2021 09:48:24 GMT
last-modified
Thu, 08 Apr 2021 18:32:57 GMT
etag
"38af3d4f8c84f11502b04431eb9d3a13-df"
x-amz-server-side-encryption
AES256
cache-control
public,max-age=31536000
accept-ranges
bytes
content-type
text/html; charset=utf-8
server
ATS
referrer-policy
no-referrer-when-downgrade
vary
Origin, Accept-Encoding
age
760169
ats-carp-promotion
1
content-encoding
gzip
content-length
753
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
x-content-type-options
nosniff
g.gif
pixel.wp.com/ Frame A1C3 		50 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=tumblr&tid=3&rand=5490324&_ts=1620190672345&ref=https%3A%2F%2Fwww.tumblr.com%2Fdashboard%2Fiframe%2Fconsent
Requested by
Host: www.tumblr.com
URL: https://www.tumblr.com/dashboard/iframe/consent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://www.tumblr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Wed, 05 May 2021 04:57:52 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
opus-frame.html
opus.analytics.yahoo.com/tag/ Frame A302 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://opus.analytics.yahoo.com/tag/opus-frame.html?id=4
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-8-0/html/r-csc.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.180 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F13) /
Resource Hash
efa70d6e32423159b2c5d940441d59c9db589b2174c0a1681134f2bb5bfc778e
Security Headers
Name Value
Content-Security-Policy default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'

Request headers

:method
GET
:authority
opus.analytics.yahoo.com
:scheme
https
:path
/tag/opus-frame.html?id=4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.yimg.com/rq/darla/4-8-0/html/r-csc.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Referer
https://s.yimg.com/rq/darla/4-8-0/html/r-csc.html

Response headers

content-encoding
gzip
age
127778
content-security-policy
default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'
content-type
text/html
date
Wed, 05 May 2021 04:57:52 GMT
etag
"e3f3a3e01a35be7a338eb0248b0d6a22+gzip"
last-modified
Mon, 11 Jan 2021 22:14:51 GMT
server
ECAcc (paa/6F13)
vary
Accept-Encoding
x-amz-id-2
zimU67sU6xNOWuKzCGtEIbINabgF9k86cE9LsDAxwNWtHpapafg6ctXkKLuj2av/9OHQUNqbk7g=
x-amz-request-id
M2KA79W4WMJWE98S
x-cache
HIT
content-length
3273
sp.js
tag.idsync.analytics.yahoo.com/ Frame 8CF5 		1 KB
922 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.idsync.analytics.yahoo.com/sp.js
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-8-0/html/r-csc.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.51.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6F93) /
Resource Hash
3d48b44f1a81248c7fa11ec634852c317f855f3505442e41d8bfced0f0db0e94

Request headers

Referer
https://s.yimg.com/rq/darla/4-8-0/html/r-csc.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Wed, 05 May 2021 04:57:52 GMT
content-encoding
gzip
etag
"4bea0b4a9a14ce1a32b257d422a82530+gzip"
last-modified
Mon, 23 Mar 2020 22:06:06 GMT
server
ECS (pab/6F93)
age
187
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
x-amz-request-id
9XKNWP4ASYTC47MJ
content-length
616
x-amz-id-2
m3nTjyW3nyRSy+EZCYBE7g56oSRJnvTxQjYWrDlHrFgKqeoDlkOrAfIJ60poegITVCxwJC+Z98o=
adcount%7C2.0%7C5113.1%7C4846948%7C0%7C0%7CAdId=-41;BnId=0;ct=158940546;st=5877;adcid=0;itime=190671740;reqtype=5;;impref=1620190672196020410;imprefseq=219837553220521167;imprefts=1620190672;adclnt...
ter-adserver-origin-us.prod.adtechus.com/ Frame 8CF5 		1 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ter-adserver-origin-us.prod.adtechus.com/adcount%7C2.0%7C5113.1%7C4846948%7C0%7C0%7CAdId=-41;BnId=0;ct=158940546;st=5877;adcid=0;itime=190671740;reqtype=5;;impref=1620190672196020410;imprefseq=219837553220521167;imprefts=1620190672;adclntid=1004;spaceid=1197762640;adposition=MON;lmsid=;revshare=;pvid=g_BOmDEwLjJWNizUTMvZggLBMmEwMQAAAAAJeFeD;sectionid=81217061;kvsecure-darla=4-8-0%7Cysd%7C2;kvmn=y403607;kvpgcolo=ir2;kvssp=ssp;kvsecure=true;kvadtc_dvmktname=unknown;kvadtc_dvosplt=windows_10;kvadtc_dvbrand=google;kvadtc_dvtype=desktop;kvadtc_dvmodel=chrome_-_windows;kvrepo_dvosplt=windows_10;kvadtc_dvosversion=NT%2010.0;kvadtc_crmcc=UNKNOWN;kvadtc_crmnc=UNKNOWN;gdpr=0;
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-8-0/html/r-csc.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.233.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-233-34.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.yimg.com/rq/darla/4-8-0/html/r-csc.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 04:57:52 GMT
Server
nginx
Content-Type
application/x-javascript
Cache-Control
no-store, no-cache
Connection
keep-alive
Content-Length
1
Expires
Mon, 15 Jun 1998 00:00:00 GMT
sfext-min.js
s.yimg.com/rq/darla/4-8-0/js/ Frame 6D21 		63 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/rq/darla/4-8-0/js/sfext-min.js
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-8-0/html/r-sf.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
eb2783e0f4ae428363f7e36fc4ecb4057dbae329d858efee6775ba60f254a81d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s.yimg.com/rq/darla/4-8-0/html/r-sf.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

ats-carp-promotion
1
date
Tue, 13 Apr 2021 13:25:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1870331
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
27596
x-amz-id-2
aUg2Xc3dRpBm1sSChRZXPx31LY+RANU8J+3G3ySGy5HrMKuAwTX8yfVVVLYgTtKi5EZ8vd0jv7s=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 08 Apr 2021 18:33:00 GMT
server
ATS
etag
"a84b48cbebd5379f03b1e428526ec262-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
9ZB1TE467289GWFZ
x-xss-protection
1; mode=block
cache-control
public,max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
nmedianet.js
contextual.media.net/ Frame 6D21 		124 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUIOZQNV
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7fcd3adf08195a781e7eade16328a4071b92982a92fdc7540c5a0aafcef498d4
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://s.yimg.com/rq/darla/4-8-0/html/r-sf.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

x-mnt-h
10-4
content-encoding
gzip
server
Apache
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
etag
"bbd5d2865bbd72df771818be889db45f"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Wed, 05 May 2021 04:57:52 GMT
strict-transport-security
max-age=604800
x-mnt-w
8-9
expires
Wed, 05 May 2021 05:02:52 GMT
log
qsearch-a.akamaihd.net/ Frame 6D21 		35 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=prod&ogerpm=0.0000&stid=y403607&other_prv=262&jar_err=&current_day=3.0&req_id=9d22d3c9cf914e96ad0ae8349a2e5dee&dmm_d36=NA&bidfp=0.0200&ugd=4&predicted_wr=0.5227&exp=&cache=&second_bidder=*&search_res=24&iter=&floor_bucket=0.00&seat=262&size=300x600&f_seg=&prdp=0.2432&local_wr_url=0.0000&ogcbdp=0.3200&dfpbd=0.2432&server=1&ogerpm_wd_bkt=0-1&model_version=202105031008_verizon&viewability=-0.0100&cut=24&dmm_r=0.7940&dmm_l=0.0230&as_cache=0&tcyerpm=&sc=BW&send_erpm=true&apcnt=&sd=-1&seg=&dmm_m4=1.0000&erpm_bucket=0.00&ugd_ver=&requrl=thjewel.changiairport.com%2F&bidrestime=1620190672147&cc=DE&strg=serenity&bdpcapd=0&current_hour=4&time_stamp=2021-05-05+04%3A57%3A52&model_key=verizon&rvshhon=&ybncaERPM=0.0000&mul_ratio=1.0000&bdp=0.3200&td=&ct=&akey=&mnckfl=0&har_prc=&bdp_bucket=0.30&algo=serenity&dc=eu_be&splid=y403607&dim4=exploration&dn=thjewel.changiairport.com&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.00+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.0000.00+Safari%2F537.00&dmm_m10=1208375&bdp_wider_bucket=1&acid=9d22d3c9cf914e96ad0ae8349a2e5dee_9d22d3c9cf914e96ad0ae8349a2e5dee-1&ecp=0.0&infl=&o_ver=NT+10.0&br_ver=83.0.0000.00&bdmm_m6=0.0000&bdmm_m7=0.8510&bdmm_m5=0.0000&ver=6.0.5&totalTimeBucket=3&visibility=1&totalTime=3436469&dmm_m1=2021-05-05+04%3A57%3A52.149272115&e_rpm=0.1850&racnt=&gdpr=&vsid=EEA0000&amino=false&algo2=&algo1=&log_less=false&ogerpm_used=false&bdmm_m12=0.8510&cid=8CU2OO4Y3&rawbid=0.3200&seat_id=262&sub_bidder=0&sluid=&pbshr=100.0000&dmm_d10=0&o_id=101&clisp=rtb-common-7987bd876f-v2hmp.BE&dfp_bucket=0.25&adblk=0&itype=verizon&pvid_seat=262_262&cliIP=0&advurl=https%3A%2F%2Flistings.local.com&level_base=0&crid=328797428&sat=1&br_id=265&cut_bkt=25&iwb=1&dmm_d22=-2&second_bid=0.000000&sc_pvid=262&capd=&other_bids=0.32
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.66 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-66.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer
https://s.yimg.com/rq/darla/4-8-0/html/r-sf.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 04:57:52 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Wed, 05 May 2021 04:57:52 GMT
adperformance.js
static-eb.media.net/rtb/resource/ Frame 6D21 		57 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-eb.media.net/rtb/resource/adperformance.js?v=c7ed9102e5
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c2b1146b4fa010ad7b327ac6e13b277a73787eee1c33b30093a5639d434eba35

Request headers

Referer
https://s.yimg.com/rq/darla/4-8-0/html/r-sf.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 05 May 2021 04:57:52 GMT
Server
nginx
Content-Type
application/javascript;charset=ISO-8859-1
Cache-Control
must-revalidate, max-age=24299
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
58365
Expires
Wed, 05 May 2021 11:42:51 GMT
talon-1.0.31.js
s.yimg.com/ix/ Frame 6D21 		57 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/ix/talon-1.0.31.js
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
daf5bad3dcc900f04fd01e71a81d641586ed61097ed67ed35caaa821d885e7ac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s.yimg.com/rq/darla/4-8-0/html/r-sf.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 05 May 2021 01:01:48 GMT
x-content-type-options
nosniff
age
14165
x-amz-server-side-encryption
AES256
content-length
58593
x-amz-id-2
LrfwNcsABLAFaxlTui6wSQbjZ6G6ev4/ZR/3adZIOzfxb+lmipKCuwBzuH0vC+iNY0GT3ZRIvPg=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 28 Apr 2021 14:46:34 GMT
server
ATS
etag
"0bcb4d45cc7ee871c6d48b07af3e2b3d"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
8RXWJWMVC7CEC7KB
x-xss-protection
1; mode=block
cache-control
public,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
adEvent.do
prod-m-node-3111.ssp.advertising.com/admax/ Frame 6D21 		43 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-m-node-3111.ssp.advertising.com/admax/adEvent.do?tidi=770829437&dcn=brxd296061&posi=873536&grp=%3F%3F%3F&nl=1620190672161&rts=1620190671978&pix=1&et=1&a=g_BOmDEwLjJWNizUTMvZggLBMmEwMQAAAAAJeFeD-1&m=aXAtMTAtMjItMTE5LTE3NQ..&p=MC4wMDAyNDM&b=MTI4NTg7bWVkaWFuZXQxO2xpc3RpbmdzLmxvY2FsLmNvbTs7Ozs5ZDIyZDNjOWNmOTE0ZTk2YWQwYWU4MzQ5YTJlNWRlZTsyOTM4ODE3NDsxNjIwMTg5MDAwOzswLjAwMDI0Mzs7MA..&xdi=Pz8_fD8_P3w_Pz98MA..&xoi=MHxERVU.&hb=true&type=0&af=5&brxdPublisherId=25225873693&brxdSiteId=296061&brxdSectionId=81217061&dety=2
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.255.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-255-193.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

Referer
https://s.yimg.com/rq/darla/4-8-0/html/r-sf.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Wed, 05 May 2021 04:57:52 GMT
last-modified
Thu, 29 Apr 2021 09:46:58 GMT
server
nginx/1.16.1
accept-ranges
bytes
content-length
43
content-type
image/gif
sp-frame.html
tag.idsync.analytics.yahoo.com/ Frame FBE9 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=https%3A%2F%2Fthjewel.changiairport.com%2F
Requested by
Host: tag.idsync.analytics.yahoo.com
URL: https://tag.idsync.analytics.yahoo.com/sp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.51.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6FB0) /
Resource Hash
65aa946829133f2163ed351882e770c0e7651c8c95fac3c53aa78e02a938b7ca

Request headers

:method
GET
:authority
tag.idsync.analytics.yahoo.com
:scheme
https
:path
/sp-frame.html?referrer=https%3A%2F%2Fthjewel.changiairport.com%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.yimg.com/rq/darla/4-8-0/html/r-csc.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Referer
https://s.yimg.com/rq/darla/4-8-0/html/r-csc.html

Response headers

content-encoding
gzip
age
11
content-type
text/html
date
Wed, 05 May 2021 04:57:52 GMT
etag
"9fad51d2a83b0a4de3eb75724ba26b2c+gzip"
last-modified
Mon, 23 Mar 2020 22:06:06 GMT
server
ECS (pab/6FB0)
vary
Accept-Encoding
x-amz-id-2
VZWoF98/zyNuhfJjNKZ4/D2pB2QFYkC8LG95/MGJbXt4CLTIC+2WyUtF5GS2X7sEzwgYbFfWhJc=
x-amz-request-id
K185SGK71VKPJMC3
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
3087
fcmain.js
contextual.media.net/2722522032/ Frame 6D21 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/2722522032/fcmain.js?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUIOZQNV&cpcd=334csmRGmBH6mUGUfphIDQ%3D%3D&crid=525553168&size=300x600&cc=RO&chnm=serenity&pid=8PO56U72N&tpid=T8D1272&https=1&vif=2&requrl=https%3A%2F%2Fthjewel.changiairport.com&nse=5&vi=1620190672377786142&lw=1&ugd=4&adt1=8CU2OO4Y3&adt2=328797428&bae=B4geBaBgxg&bcpf=B4geBaBg8fOnRrolnfOur8xg&bdrId=262&katbid=-103&ntv=0&matchstring=bcat%3DIAB23%2CNEX9-109%2CIAB7-39%2CNEX7-101%2CIAB26%2CNEX9-105%2CNEX9-107%2CNEX11-102%2CIAB5-2%2CIAB25-3%2CIAB14-3%2CIAB25-2%2CIAB25-1%2CIAB11-4%2CIAB9-7%2CIAB25-5%2CIAB25-4&katpre=1&nb=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUIOZQNV
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eef86bfe4f7a0a1e3de4a7dd119266822a91455c316e2ff820e646aea92aec99
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://s.yimg.com/rq/darla/4-8-0/html/r-sf.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
x-mnt-hl2
8-12
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300
date
Wed, 05 May 2021 04:57:52 GMT
x-mnt-w
10-7
content-length
22538
expires
Wed, 05 May 2021 05:02:52 GMT
checksync.php
contextual.media.net/ Frame 4D72 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIOZQNV&https=1&itype=CM
Requested by
Host: thjewel.changiairport.com
URL: https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
26e4a5a54f88139dcd133ac83063f733c14de5f96b08d830e0914f51e5a72453
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

:method
GET
:authority
contextual.media.net
:scheme
https
:path
/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUIOZQNV&https=1&itype=CM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.yimg.com/rq/darla/4-8-0/html/r-sf.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
gdpr_status=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Referer
https://s.yimg.com/rq/darla/4-8-0/html/r-sf.html

Response headers

server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Sat, 06 Nov 2021 04:57:52 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Fri, 07 May 2021 04:57:52 GMT
date
Wed, 05 May 2021 04:57:52 GMT
content-length
5587
bping.php
lg3.media.net/ Frame 6D21 		35 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?&gdpr=1&prid=8PRVCXX19&cid=8CUIOZQNV&crid=525553168&vi=1620190672377786142&ugd=4&lf=6&cc=RO&lper=100&wsip=2886781035&r=1620190672612&requrl=https%3A%2F%2Fthjewel.changiairport.com&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_pgid=p1846158656t202105050457&vgd_pgids=1&vgd_uspa=0&hvsid=00001620190672609014958405126906&gdpr=1&vgd_end=1
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-8-0/html/r-sf.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Referer
https://s.yimg.com/rq/darla/4-8-0/html/r-sf.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Wed, 05 May 2021 04:57:52 GMT
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 05 May 2021 04:57:52 GMT
checksync.php
contextual.media.net/ Frame 40B0 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU2OO4Y3&prvid=2034%2C2033%2C2030%2C251%2C273%2C175%2C2009%2C2029%2C2028%2C3018%2C2027%2C2026%2C214%2C3015%2C238%2C97%2C77%2C99%2C59%2C184%2C261%2C262%2C186%2C188%2C222%2C201%2C2017%2C2038%2C246%2C4%2C126%2C203%2C225%2C226%2C10000%2C80%2C229%2C9&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=VERIZON
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-8-0/html/r-sf.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
63d45829587f387b0242df6cb0a86567ef5ff3433c3b6d8fc417b9c5d1086667
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

:method
GET
:authority
contextual.media.net
:scheme
https
:path
/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU2OO4Y3&prvid=2034%2C2033%2C2030%2C251%2C273%2C175%2C2009%2C2029%2C2028%2C3018%2C2027%2C2026%2C214%2C3015%2C238%2C97%2C77%2C99%2C59%2C184%2C261%2C262%2C186%2C188%2C222%2C201%2C2017%2C2038%2C246%2C4%2C126%2C203%2C225%2C226%2C10000%2C80%2C229%2C9&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=VERIZON
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.yimg.com/rq/darla/4-8-0/html/r-sf.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
gdpr_status=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Referer
https://s.yimg.com/rq/darla/4-8-0/html/r-sf.html

Response headers

server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Sat, 06 Nov 2021 04:57:52 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Fri, 07 May 2021 04:57:52 GMT
date
Wed, 05 May 2021 04:57:52 GMT
content-length
8046
clog
hblg.media.net/ Frame 6D21 		35 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&prvAccId=525553168&ckfl=0&lper=1&mx_tgs=300x600&cbdp=0.243&os_id=1&mx_nsz=1&csex=0&spSource=0&vid=9d22d3c9cf914e96ad0ae8349a2e5dee&pvdTmax=21&s_city=frankfurt+am+main&ltime=13.0&ugd=4&cliIPV6=2a01%3A4f8%3A192%3A0%3A0%3A0%3A0000%3A0000&epc=525553168&bcat%3C%3E=NEX11-102%23%23IAB5-2%23%23IAB23%23%23IAB14-3%23%23NEX9-109%23%23IAB11-4%23%23IAB7-39%23%23NEX7-101%23%23NEX9-105%23%23NEX9-107&prvReqId=364253985641_1448997964_32879742812621&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cfl_rl%3D1%7CssProfile%3D0%7Cdbr%3D1&app=0&ctr=-1.0&exid=31&spFst=0&mx_GCID=0&cliIPType=v6&device_id=4&pexid=VERIZON-25225873693&ae=false&brsrclk=0&mx_UCC=1&sbdrid=99&prspt=headerBid&rtttime=152&usp_status=0&seat=262&mx_PC=1&og_cbdp=0.320&size=300x600&wsip=mowx-6d7bfbc74b-5n872&xtmax=205&scrid=80147384836I&mx_SPRIG=0&viewability=-1&rtime=7.0&adj0=0.0&tmax=200&s_ip=3.124.198.37&adj2=0.0&adj1=0.0&geoll=false&mx_lr_seg_cnt=0&adtypes=0&mx_aabpc=0&debug_ts=2021-05-05+04%3A57%3A52&reqid=9d22d3c9cf914e96ad0ae8349a2e5dee&sc=BW&sd=-1&mx_ssProfile=0&mx_SC=0&reftime=15000&pbidflr=0.020&spbf=0&mowxReqId=9d22d3c9cf914e96ad0ae8349a2e5dee_9d22d3c9cf914e96ad0ae8349a2e5dee-1_1&iurl=https%3A%2F%2Fiurl.media.net%2Fdfp%2Fybntag%3Febda%3D1%26crid%3D525553168%26size%3D300x600%26requrl%3Dhttps%253A%252F%252Fthjewel.changiairport.com%26cid%3D8CUIOZQNV&fpusp=false&requrl=https%3A%2F%2Fthjewel.changiairport.com&mnrfc=1&bidrestime=1620190672147&pv_adtype=0&cc=DE&strg=serenity&pcrid=80147384836I&abk=0&is_rewarded=false&bdp=0.320&stagid=y403607&spIsReq=3&s=1&snm=SUCCESS&abs=0%7C0%7Cbflag%3D0%7Cserenity%7Cbrr%3D0%7Cbclk%3D0&mx_IAB2=0&mx_ssBucket=0&vls=0&asn=0&usp_enf=1&bidflr=0.020&mang=1&advUrl=local.com&visage=NA&dn=thjewel.changiairport.com&pid=8PRL4E7N3&spTo=3&dt=O&acid=9d22d3c9cf914e96ad0ae8349a2e5dee_9d22d3c9cf914e96ad0ae8349a2e5dee-1&actltime=14&act=headerBid&pvid=262&iframingState=0&is_ortb=true&mx_aurl_hc=0&bdata=dc%3Dgcp-eu-west1-b%7C%7Cck_fl%3D0%7C%7Cbhp%3D0%7C%7Cseller_tag_id%3Dy403607%7C%7Citype%3DVERIZON%7C%7Cvisibility%3D1%7C%7Cref_cnt%3D1%7C%7Cr_ip%3D2a01-4f8-192-0-0-0-0-0%7C%7Cr_sc%3DNH%7C%7Crbo%3D5_3%7C%7Cdmm_d1%3DT%7C%7Cdmm_d2%3DT%7C%7Cdmm_d3%3D0%7C%7Cdmm_d4%3D10%7C%7Cdmm_d5%3Daaa%7C%7Cdmm_d6%3Dc%7C%7Cdmm_d7%3D0%7C%7Cdmm_d8%3D0%7C%7Cdmm_d9%3D0%7C%7Cdmm_d10%3D0%7C%7Cdmm_d12%3D3%7C%7Cdmm_d13%3D00100%7C%7Cdmm_d14%3D0%7C%7Cdmm_d15%3D1%7C%7Cdmm_d16%3D0%7C%7Cdmm_d17%3D0%7C%7Cdmm_d18%3D0%7C%7Cdmm_d20%3D0%7C%7Cdmm_d21%3D0%7C%7Cdmm_d22%3D-2%7C%7Cdmm_d23%3D3%7C%7Cdmm_d24%3D5%7C%7Cdmm_d25%3D00%7C%7Cdmm_d27%3D2%7C%7Cdmm_d28%3D1%7C%7Cdmm_d29%3Dp-1%7C%7Cdmm_d30%3D0%7C%7Cdmm_d31%3D0%7C%7Cdmm_d32%3D0%7C%7Cdmm_d33%3D0%7C%7Cdmm_d36%3DNA%7C%7Cdmm_d37%3D0%7C%7Cdmm_d40%3D0%7C%7Cdmm_d42%3D0%7C%7Cdmm_d43%3D0%7C%7Cdmm_l%3D0.023%7C%7Cdmm_r%3D0.794%7C%7Ce_rpm%3D0.185%7C%7Cdmm_m1%3D0.185%7C%7Cdmm_m2%3D0.027%7C%7Cdmm_m3%3D1.000%7C%7Cdmm_m7%3D0.851%7C%7Cdmm_m10%3D1.000%7C%7Cdmm_m11%3D0.932%7C%7Cdmm_m12%3D0.851%7C%7Cdmm_m13%3D6%7C%7Cdmm_m14%3D20%7C%7Cdmm_m16%3D0.794%7C%7Cdmm_m21%3D1.000%7C%7Cdmm_m28%3D1.000%7C%7Cdmm_m29%3D1.000%7C%7Cdmm_m30%3D1.000%7C%7Cerpm%3D0.185%7C%7Cvbr%3D0%7C%7C%7C%7Cbid%3D0.32%7C%7Ccbdp%3D%7C%7Csupply_tag_id%3Dy403607%7C%7Ccbdp%3D0.243%7C%7Cdmm%3Dharmony%7C%7Csd%3D-1%7C%7Cdtc%3Deu_be%7C%7Cref_cnt%3D1%7C%7Cdalg%3Dserenity%7C%7Cysp%3D-1%7C%7Cbflag%3D0%7C%7Csobp%3D%7C%7Cbdpcapd%3D0%7C%7Cdmm_erpm%3Dtrue%7C%7Cbflr%3D0.020%7C%7Cogbid%3D0.320%7C%7Cac_type%3D1%7C%7Cseller_tag_id%3Dy403607%7C%7CcarrierId%3D0%7C%7Cdcut%3D25%7C%7Cdogb%3D0-1%7C%7Cibc%3D1%7C%7C%7C%7Ciha%3D0%7C%7Cibc%3D1%7C%7C%7C%7Cdmm_d39%3D0%7C%7Cibc%3D1%7C%7C&mx_lr_seg_deal=0&dfpBd=0.243&sckfl=0&dmm_erpm=true&mx_lr=0&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&smbrid=verizon&bfs=103&rfc=1&gdpr=1&prvApiId=8CUIOZQNV&dmm_ogerpm=false&epcexp=false&pubid=pub-verizon&csip=rtb-common-7987bd876f-v2hmp.BE&mx_bsProfile=0&mx_bsBucket=0&sadtsts=0.243&cid=8CU2OO4Y3&bcrid=80147384836I&mx_aurt=0&spIvt=3&dsid=y403607&apPrfs%3C%3E=13%23%2316%23%2343%23%2310&ptype=23&vertical=0&chnl=serenity&smsrc=1&acsn=1&reqsize=300x600&coppa=0&browser_id=5&dtc=eu_be&adpos=1&mx_aqcpl_crid=4&ogbdp=0.32&tpbTkn=false&fpuReq=1&itype=VERIZON&crid=328797428&sat=1&mnet_ckfl=0&spCst=0&tgtval=pub-verizon&dfpDiv=y403607&__expireat=1620190852402&gsi=1&opbidflr=0.020&reftype=0&utime=479&sf=1&cpr=0.9457161650335664
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-8-0/html/r-sf.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

Referer
https://s.yimg.com/rq/darla/4-8-0/html/r-sf.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

pragma
max-age=3600
date
Wed, 05 May 2021 04:57:52 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Wed, 05 May 2021 10:57:52 GMT
global
service.cmp.oath.com/cmp/v0/vendor_list/ Frame C8E9 		98 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.cmp.oath.com/cmp/v0/vendor_list/global
Requested by
Host: s3-ap-southeast-1.amazonaws.com
URL: https://s3-ap-southeast-1.amazonaws.com/yahoos3/gdpr/cmpui.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:135:155a:23ba:b2a:25ff:122d , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (frb/6737) /
Resource Hash
16e62770f3e52da04bdd207c184c49c8b540974d2bafa53b5abf71d7611fc750
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://s3-ap-southeast-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'
content-encoding
gzip
vary
Accept-Encoding
age
787
x-cache
HIT
content-length
18479
last-modified
Wed, 05 May 2021 04:44:46 GMT
server
ECD (frb/6737)
x-frame-options
SAMEORIGIN
date
Wed, 05 May 2021 04:57:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
warning
110 - "Response is stale"
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
nrrV27271.js
contextual.media.net/4a/ Frame 1819 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/4a/nrrV27271.js
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUIOZQNV
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4681204efc2dc2c3aafbe97dff924470cdac31b5f05ff0e45f1390445cafae0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://s.yimg.com/rq/darla/4-8-0/html/r-sf.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

pragma
max-age=2592000
strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
etag
"ca172848cbc21794bac4f7ba9333fa5f"
vary
Accept-Encoding
x-mnet-h
10-7
content-type
text/javascript; charset=utf-8
cache-control
max-age=1209600
date
Wed, 05 May 2021 04:57:53 GMT
content-length
29409
expires
Wed, 19 May 2021 04:57:53 GMT
truncated
/ Frame 1819 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1819 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1819 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
res-a.akamaihd.net/__media__/fonts/Roboto-Bold/ Frame 1819 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-a.akamaihd.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/4-8-0/html/r-sf.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-43.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a

Request headers

Origin
https://s.yimg.com
Referer
https://s.yimg.com/rq/darla/4-8-0/html/r-sf.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 05 May 2021 04:57:53 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
nginx
ETag
"5739a36d-60f0"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24816
pubvendors.json
s3-ap-southeast-1.amazonaws.com/yahoos3/gdpr/ Frame C8E9 		154 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-1.amazonaws.com/yahoos3/gdpr/pubvendors.json
Requested by
Host: s3-ap-southeast-1.amazonaws.com
URL: https://s3-ap-southeast-1.amazonaws.com/yahoos3/gdpr/cmpui.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.132.114 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
27399d832dd60631e3393aceb1d34f06bfea49f36e15d7f4a434922c68c0504f

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://s3-ap-southeast-1.amazonaws.com/yahoos3/gdpr/cmpui.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 05 May 2021 04:57:54 GMT
Last-Modified
Mon, 17 Sep 2018 13:32:45 GMT
Server
AmazonS3
x-amz-request-id
T0T0PR2ME16860BX
ETag
"a9e8b539bd4e37b5ad404e6febeab0af"
x-amz-meta-uid
0
x-amz-meta-gid
0
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-meta-mode
33188
Accept-Ranges
bytes
Content-Type
application/json
Content-Length
154
x-amz-id-2
CXvisWwqOTRVPhLgUOjmR7vp1BZ1dH7Lw0V6QwLw3ptknxrMkYGi5NXILyJcU5Nk2o8bZ0nVgo0=
x-amz-meta-mtime
1537191325
/
adservice.google.com/ddm/fls/i/dc_pre=CJP-mszgsfACFbTyuwgdmfYHtg;src=6071807;type=cag1875a;cat=cag19000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://thjewel.cha... Frame 9CEA 		495 B
852 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CJP-mszgsfACFbTyuwgdmfYHtg;src=6071807;type=cag1875a;cat=cag19000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://thjewel.changiairport.com/
Requested by
Host: 6071807.fls.doubleclick.net
URL: https://6071807.fls.doubleclick.net/activityi;dc_pre=CJP-mszgsfACFbTyuwgdmfYHtg;src=6071807;type=cag1875a;cat=cag19000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb9fc9437724d9aa9afca4219e3eaab6c3ae03e6d4ca15a78149455c4e511e41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/dc_pre=CJP-mszgsfACFbTyuwgdmfYHtg;src=6071807;type=cag1875a;cat=cag19000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://thjewel.changiairport.com/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6071807.fls.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Referer
https://6071807.fls.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 05 May 2021 04:57:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
379
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
adservice.google.de/ddm/fls/i/dc_pre=CJP-mszgsfACFbTyuwgdmfYHtg;src=6071807;type=cag1875a;cat=cag19000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://thjewel.chan... Frame 8B33 		194 B
877 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CJP-mszgsfACFbTyuwgdmfYHtg;src=6071807;type=cag1875a;cat=cag19000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://thjewel.changiairport.com/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJP-mszgsfACFbTyuwgdmfYHtg;src=6071807;type=cag1875a;cat=cag19000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://thjewel.changiairport.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.de
:scheme
https
:path
/ddm/fls/i/dc_pre=CJP-mszgsfACFbTyuwgdmfYHtg;src=6071807;type=cag1875a;cat=cag19000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://thjewel.changiairport.com/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 05 May 2021 04:57:53 GMT
expires
Wed, 05 May 2021 04:57:53 GMT
cache-control
private, max-age=0
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
177
x-xss-protection
0
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
bql.php
lg3.media.net/ Frame 1819 		15 B
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=1&hvsid=00001620190672609014958405126906&geo=44.43|26.10&dlper=20&lper=100&bdrid=262&subBdr=99&fp=JEbD2OqCKM_7iIBj-ijI0ZkA3zJnxSw_-FDD-8own4jj52CXsyFIofS0vT_ALI1S7s0JRk0D9xMqPIH-qApCwgNiuf7LQjc8AlcDthRbNP0vfyAVmkIia2bfEMf2YUyXDaOREJMMfoxhEI-QKqj9pg%3D%3D&lpid=&tsid=18&q=&prv=&type=&ps=&cme=YCodqMg-GhUilO_fWc0BhPO-bTFRqeJDpp-oUJ_mIcjEA-T0YZ9tFPdA0L1tt-dBfju78ZgNWLg9-9GIZDMAby6nMZHiRpjWuq7jDL7FAa9SVbupp-hrwEzfhyKR5cDp1i9fqlkOCbkKYLA7TPA9BDefSZ8mHz_DwkuhdlFtQ2o9BA24EYhgS9ZNfYCuAOPJe0VoAjg4h3kS45Wl1FsGokWu8FfGvpTN%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7CegxAhfhrGFwYR1FT5uQuBGQyot3GWgaO%7CsRBSg3CPSiQ%3D%7CYdjFvixrVaHnD__iNbsNxsS1EDmozZjVpNItEUySnNfSsjmuJTTLSQ%3D%3D%7Cuet4nflvc24v2SlpMSUpKMcN_wlP6FN5%7C5tHgE6ddNOj9TtbYdsXENvYQquOYMQyp%7CN7fu2vKt8_s%3D%7CeyOPkfgOPIj9_VXrJSKlxwjeCMF4woN31JHUOX74htfcBkVTnJJ0mPgSUI12dUJMwmPjEsZDQ4C6qCO25UmVCwsa6v9eAhKSwXHnob0KGp2PB1yor4BRW-JXEC6wXkpAGfS5S7e1Rlv2h5x3DDIEuO28b2jz8GMLjIDq-Amb9p_54wT5118j0F0VSFjml2ZTWsnclRpFips7MW0yVkNCg-StYCGRw1XU%7C&hint=&td=&cc=RO&wsip=2887305233&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=0&vgde_kbbh=u9oNu9&vgde_setid=Nu9&&rc=0&ksu=243&acid=9d22d3c9cf914e96ad0ae8349a2e5dee_9d22d3c9cf914e96ad0ae8349a2e5dee-1&fdkt=112&kwd[]=Free%20Ringtones&kwt[]=112&kbc[]=null&kwp[]=1&kid[]=11646957&kbc2[]=undefined&ktd[]=&kwd[]=Weather%20Report&kwt[]=112&kbc[]=null&kwp[]=2&kid[]=30446987&kbc2[]=undefined&ktd[]=&kwd[]=Discount%20Shopping&kwt[]=112&kbc[]=null&kwp[]=3&kid[]=8483289&kbc2[]=undefined&ktd[]=&kwd[]=Health%20and%20Fitness&kwt[]=112&kbc[]=null&kwp[]=4&kid[]=13428339&kbc2[]=undefined&ktd[]=&kwd[]=Finance%20Investments&kwt[]=112&kbc[]=null&kwp[]=5&kid[]=10822571&kbc2[]=undefined&ktd[]=&kwd[]=Breaking%20News&kwt[]=112&kbc[]=null&kwp[]=6&kid[]=4252619&kbc2[]=undefined&ktd[]=&kwd[]=Online%20Gaming&kwt[]=112&kbc[]=null&kwp[]=7&kid[]=21238501&kbc2[]=undefined&ktd[]=&kwd[]=Luxury%20Cars&kwt[]=112&kbc[]=null&kwp[]=8&kid[]=13428339&kbc2[]=undefined&ktd[]=&rand=1620190673095&cid=8CUIOZQNV&vwid=1620190672377786142&vi=1620190672377786142&l3ch=0&slnkp=no&vgd_hb_audit_1=8CU2OO4Y3&vgd_hb_audit_2=328797428&tdAdd[]=ib=0&vgd_uspa=0&vgd_l1rakh=1620190672152045050&vgd_lhl=3094&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&sttm=1620190672609&upk=1620190673.13449&hvsid=00001620190672609014958405126906&verid=3111299&vgd_matchstr=bcat%3DIAB23%2CNEX9-109%2CIAB7-39%2CNEX7-101%2CIAB26%2CNEX9-105%2CNEX9-107%2CNEX11-102%2CIAB5-2%2CIAB25-3%2CIAB14-3%2CIAB25-2%2CIAB25-1%2CIAB11-4%2CIAB9-7%2CIAB25-5%2CIAB25-4&sbdrId=99&vgd_ecrid=80147384836I&vgd_isiolc=1&pid=8PO56U72N&matm=1620190673112&vgd_ltime=589&vgd_ltimesrc=2&abpl=2&kbbq=%26asn%3D9009&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l2ch=0&vgd_l1ch=1&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_csip=rtb-common-7987bd876f-v2hmp.BE&vgd_sbSup=1&vgd_l2wsip=2887305233&vgd_nrrsf=nrr&vgd_nrrv=27271&vgd_nrrs=27271&vgd_nrrmf=4a&vgd_cntrdt=SF%7Cs.yimg.com&vgd_cty=BUCHAREST&vgd_l1hcsd=N4%7C2966&vgd_sethcsd=A12%7C2924&vgd_tcf_cmp=1&vgde_bdata=ONvyNEoJxoBJQ7uoG%7C%7CNUMkjv9%7C%7CGwEv9%7C%7CQJjjJLM71yM8Ov5H9AF9h%7C%7C875EJv%2F4DV2aI%7C%7Ce8Q8G8j875vu%7C%7CLJkMNz7vu%7C%7CLM8Evf19uoHkWouifo9o9o9o9o9%7C%7CLMQNvIq%7C%7CLGmvXMA%7C%7COYYMOuv_%7C%7COYYMOfv_%7C%7COYYMOAv9%7C%7COYYMOHvu9%7C%7COYYMOXv111%7C%7COYYMOFvN%7C%7COYYMOhv9%7C%7COYYMOWv9%7C%7COYYMOiv9%7C%7COYYMOu9v9%7C%7COYYMOufvA%7C%7COYYMOuAv99u99%7C%7COYYMOuHv9%7C%7COYYMOuXvu%7C%7COYYMOuFv9%7C%7COYYMOuhv9%7C%7COYYMOuWv9%7C%7COYYMOf9v9%7C%7COYYMOfuv9%7C%7COYYMOffvof%7C%7COYYMOfAvA%7C%7COYYMOfHvX%7C%7COYYMOfXv99%7C%7COYYMOfhvf%7C%7COYYMOfWvu%7C%7COYYMOfivEou%7C%7COYYMOA9v9%7C%7COYYMOAuv9%7C%7COYYMOAfv9%7C%7COYYMOAAv9%7C%7COYYMOAFvIK%7C%7COYYMOAhv9%7C%7COYYMOH9v9%7C%7COYYMOHfv9%7C%7COYYMOHAv9%7C%7COYYMjv9.9fA%7C%7COYYMLv9.hiH%7C%7CJMLEYv9.uWX%7C%7COYYMYuv9.uWX%7C%7COYYMYfv9.9fh%7C%7COYYMYAvu.999%7C%7COYYMYhv9.WXu%7C%7COYYMYu9vu.999%7C%7COYYMYuuv9.iAf%7C%7COYYMYufv9.WXu%7C%7COYYMYuAvF%7C%7COYYMYuHvf9%7C%7COYYMYuFv9.hiH%7C%7COYYMYfuvu.999%7C%7COYYMYfWvu.999%7C%7COYYMYfivu.999%7C%7COYYMYA9vu.999%7C%7CJLEYv9.uWX%7C%7CeGLv9%7C%7C%7C%7CG8Ov9.Af%7C%7CNGOEv%7C%7CQxEEj5M71yM8Ov5H9AF9h%7C%7CNGOEv9.fHA%7C%7COYYvw1LYmz5%7C%7CQOvou%7C%7CO7NvJxMGJ%7C%7CLJkMNz7vu%7C%7CO1jyvQJLJz875%7C%7C5QEvou%7C%7CGkj1yv9%7C%7CQmGEv%7C%7CGOEN1EOv9%7C%7COYYMJLEYv7LxJ%7C%7CGkjLv9.9f9%7C%7CmyG8Ov9.Af9%7C%7C1NM75EJvu%7C%7CQJjjJLM71yM8Ov5H9AF9h%7C%7CN1LL8JLVOv9%7C%7CONx7vfX%7C%7COmyGv9ou%7C%7C8GNvu%7C%7C%7C%7C8w1v9%7C%7C8GNvu%7C%7C%7C%7COYYMOAiv9%7C%7C8GNvu%7C%7C&vgd_cfud=201106&vgd_is_amp=0&vgd_optout=0&vgd_vstrid=EEA0000&vgd_ect=4g&vgd_rensize=300_600&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dtc=eu_be&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgid=p1846158656t202105050457&vgd_pgids=1&requrl=https%3A%2F%2Fthjewel.changiairport.com&oRurl=http%3A%2F%2Fcdng%2Ffcmain.js%3F%26esi%3D1%26%26fvips%3D0%26vpf%3D000%26chost%3Dcontextual.media.net%26cb%3Dwindow._mNDetails.initAd%26%26gdpr%3D1%26cid%3D8CUIOZQNV%26cpcd%3D334csmRGmBH6mUGUfphIDQ%253D%253D%26crid%3D525553168%26size%3D300x600%26cc%3DRO%26chnm%3Dserenity%26pid%3D8PO56U72N%26tpid%3DT8D1272%26https%3D1%26vif%3D2%26requrl%3Dhttps%253A%252F%252Fthjewel.changiairport.com%26nse%3D5%26vi%3D1620190672377786142%26lw%3D1%26ugd%3D4%26adt1%3D8CU2OO4Y3%26adt2%3D328797428%26bae%3DB4geBaBgxg%26bcpf%3DB4geBaBg8fOnRrolnfOur8xg%26bdrId%3D262%26katbid%3D-103%26ntv%3D0%26matchstring%3Dbcat%253DIAB23%252CNEX9-109%252CIAB7-39%252CNEX7-101%252CIAB26%252CNEX9-105%252CNEX9-107%252CNEX11-102%252CIAB5-2%252CIAB25-3%252CIAB14-3%252CIAB25-2%252CIAB25-1%252CIAB11-4%252CIAB9-7%252CIAB25-5%252CIAB25-4%26katpre%3D1%26nb%3D1%26baeFlag%3D0%26blapd%3D0%26isOffice%3D0&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A600%3Bkwd_scnt%3A8&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV27271.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Referer
https://s.yimg.com/rq/darla/4-8-0/html/r-sf.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Wed, 05 May 2021 04:57:53 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Wed, 05 May 2021 04:57:53 GMT
truncated
/ Frame C8E9 		12 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3eecf14b4c1737a9887b1473da28530358a356f0120d182b27e217eb27aa670

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Content-Type
image/svg+xml
log
hblg.media.net/ Frame 6D21 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&prvAccId=525553168&ckfl=0&lper=1&mx_tgs=300x600&cbdp=0.243&os_id=1&mx_nsz=1&csex=0&spSource=0&vid=9d22d3c9cf914e96ad0ae8349a2e5dee&pvdTmax=21&s_city=frankfurt+am+main&ltime=13.0&ugd=4&cliIPV6=2a01%3A4f8%3A192%3A0%3A0%3A0%3A0000%3A0000&epc=525553168&bcat%3C%3E=NEX11-102%23%23IAB5-2%23%23IAB23%23%23IAB14-3%23%23NEX9-109%23%23IAB11-4%23%23IAB7-39%23%23NEX7-101%23%23NEX9-105%23%23NEX9-107&prvReqId=364253985641_1448997964_32879742812621&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cfl_rl%3D1%7CssProfile%3D0%7Cdbr%3D1&app=0&ctr=-1.0&exid=31&spFst=0&mx_GCID=0&cliIPType=v6&device_id=4&pexid=VERIZON-25225873693&ae=false&brsrclk=0&mx_UCC=1&sbdrid=99&prspt=headerBid&rtttime=152&usp_status=0&seat=262&mx_PC=1&og_cbdp=0.320&size=300x600&wsip=mowx-6d7bfbc74b-5n872&xtmax=205&scrid=80147384836I&mx_SPRIG=0&viewability=-1&rtime=7.0&adj0=0.0&tmax=200&s_ip=3.124.198.37&adj2=0.0&adj1=0.0&geoll=false&mx_lr_seg_cnt=0&adtypes=0&mx_aabpc=0&debug_ts=2021-05-05+04%3A57%3A52&reqid=9d22d3c9cf914e96ad0ae8349a2e5dee&sc=BW&sd=-1&mx_ssProfile=0&mx_SC=0&reftime=15000&pbidflr=0.020&spbf=0&mowxReqId=9d22d3c9cf914e96ad0ae8349a2e5dee_9d22d3c9cf914e96ad0ae8349a2e5dee-1_1&iurl=https%3A%2F%2Fiurl.media.net%2Fdfp%2Fybntag%3Febda%3D1%26crid%3D525553168%26size%3D300x600%26requrl%3Dhttps%253A%252F%252Fthjewel.changiairport.com%26cid%3D8CUIOZQNV&fpusp=false&requrl=https%3A%2F%2Fthjewel.changiairport.com&mnrfc=1&bidrestime=1620190672147&pv_adtype=0&cc=DE&strg=serenity&pcrid=80147384836I&abk=0&is_rewarded=false&bdp=0.320&stagid=y403607&spIsReq=3&s=1&snm=SUCCESS&abs=0%7C0%7Cbflag%3D0%7Cserenity%7Cbrr%3D0%7Cbclk%3D0&mx_IAB2=0&mx_ssBucket=0&vls=0&asn=0&usp_enf=1&bidflr=0.020&mang=1&advUrl=local.com&visage=NA&dn=thjewel.changiairport.com&pid=8PRL4E7N3&spTo=3&dt=O&acid=9d22d3c9cf914e96ad0ae8349a2e5dee_9d22d3c9cf914e96ad0ae8349a2e5dee-1&actltime=14&act=headerBid&pvid=262&iframingState=0&is_ortb=true&mx_aurl_hc=0&bdata=dc%3Dgcp-eu-west1-b%7C%7Cck_fl%3D0%7C%7Cbhp%3D0%7C%7Cseller_tag_id%3Dy403607%7C%7Citype%3DVERIZON%7C%7Cvisibility%3D1%7C%7Cref_cnt%3D1%7C%7Cr_ip%3D2a01-4f8-192-0-0-0-0-0%7C%7Cr_sc%3DNH%7C%7Crbo%3D5_3%7C%7Cdmm_d1%3DT%7C%7Cdmm_d2%3DT%7C%7Cdmm_d3%3D0%7C%7Cdmm_d4%3D10%7C%7Cdmm_d5%3Daaa%7C%7Cdmm_d6%3Dc%7C%7Cdmm_d7%3D0%7C%7Cdmm_d8%3D0%7C%7Cdmm_d9%3D0%7C%7Cdmm_d10%3D0%7C%7Cdmm_d12%3D3%7C%7Cdmm_d13%3D00100%7C%7Cdmm_d14%3D0%7C%7Cdmm_d15%3D1%7C%7Cdmm_d16%3D0%7C%7Cdmm_d17%3D0%7C%7Cdmm_d18%3D0%7C%7Cdmm_d20%3D0%7C%7Cdmm_d21%3D0%7C%7Cdmm_d22%3D-2%7C%7Cdmm_d23%3D3%7C%7Cdmm_d24%3D5%7C%7Cdmm_d25%3D00%7C%7Cdmm_d27%3D2%7C%7Cdmm_d28%3D1%7C%7Cdmm_d29%3Dp-1%7C%7Cdmm_d30%3D0%7C%7Cdmm_d31%3D0%7C%7Cdmm_d32%3D0%7C%7Cdmm_d33%3D0%7C%7Cdmm_d36%3DNA%7C%7Cdmm_d37%3D0%7C%7Cdmm_d40%3D0%7C%7Cdmm_d42%3D0%7C%7Cdmm_d43%3D0%7C%7Cdmm_l%3D0.023%7C%7Cdmm_r%3D0.794%7C%7Ce_rpm%3D0.185%7C%7Cdmm_m1%3D0.185%7C%7Cdmm_m2%3D0.027%7C%7Cdmm_m3%3D1.000%7C%7Cdmm_m7%3D0.851%7C%7Cdmm_m10%3D1.000%7C%7Cdmm_m11%3D0.932%7C%7Cdmm_m12%3D0.851%7C%7Cdmm_m13%3D6%7C%7Cdmm_m14%3D20%7C%7Cdmm_m16%3D0.794%7C%7Cdmm_m21%3D1.000%7C%7Cdmm_m28%3D1.000%7C%7Cdmm_m29%3D1.000%7C%7Cdmm_m30%3D1.000%7C%7Cerpm%3D0.185%7C%7Cvbr%3D0%7C%7C%7C%7Cbid%3D0.32%7C%7Ccbdp%3D%7C%7Csupply_tag_id%3Dy403607%7C%7Ccbdp%3D0.243%7C%7Cdmm%3Dharmony%7C%7Csd%3D-1%7C%7Cdtc%3Deu_be%7C%7Cref_cnt%3D1%7C%7Cdalg%3Dserenity%7C%7Cysp%3D-1%7C%7Cbflag%3D0%7C%7Csobp%3D%7C%7Cbdpcapd%3D0%7C%7Cdmm_erpm%3Dtrue%7C%7Cbflr%3D0.020%7C%7Cogbid%3D0.320%7C%7Cac_type%3D1%7C%7Cseller_tag_id%3Dy403607%7C%7CcarrierId%3D0%7C%7Cdcut%3D25%7C%7Cdogb%3D0-1%7C%7Cibc%3D1%7C%7C%7C%7Ciha%3D0%7C%7Cibc%3D1%7C%7C%7C%7Cdmm_d39%3D0%7C%7Cibc%3D1%7C%7C&mx_lr_seg_deal=0&dfpBd=0.243&sckfl=0&dmm_erpm=true&mx_lr=0&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&smbrid=verizon&bfs=103&rfc=1&gdpr=1&prvApiId=8CUIOZQNV&dmm_ogerpm=false&epcexp=false&pubid=pub-verizon&csip=rtb-common-7987bd876f-v2hmp.BE&mx_bsProfile=0&mx_bsBucket=0&sadtsts=0.243&cid=8CU2OO4Y3&bcrid=80147384836I&mx_aurt=0&spIvt=3&dsid=y403607&apPrfs%3C%3E=13%23%2316%23%2343%23%2310&ptype=23&vertical=0&chnl=serenity&smsrc=1&acsn=1&reqsize=300x600&coppa=0&browser_id=5&dtc=eu_be&adpos=1&mx_aqcpl_crid=4&ogbdp=0.32&tpbTkn=false&fpuReq=1&itype=VERIZON&crid=328797428&sat=1&mnet_ckfl=0&spCst=0&tgtval=pub-verizon&dfpDiv=y403607&__expireat=1620190852402&gsi=1&opbidflr=0.020&reftype=0&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer
https://s.yimg.com/rq/darla/4-8-0/html/r-sf.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 04:57:53 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 05 May 2021 04:57:53 GMT
p
geo.yahoo.com/ 		43 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geo.yahoo.com/p?_E=adperf&outcm=performance&etrg=backgroundPost&usergenf=0&etag=performance%2Cdarla&s=1197762640&pvid=g_BOmDEwLjJWNizUTMvZggLBMmEwMQAAAAAJeFeD&D_bv=1.0.0&D_ts=0&D_v=sdarla_4-8-0&D_l=219%2C10%2C2614%2C2281%2C0%2C0%2C343%2C219%2C8&D_m=0%2C%2C4g%2C0%2C1197762640&test=&D_e=&D_p=7%2C0%2CMON%2C300x600%2C999999%2C999999%2C999999%2C0%2C0%2C922%2C3%2C-1%2C-1%2C-1%2C2%2Cg_BOmDEwLjJWNizUTMvZggLBMmEwMQAAAAAJeFeD%3A-1%3AMON%2C2%2C2%2C0%2C2%2C0%2C2%2C0%2C0%2C1%2C1%2C1%2C2%2C0%2C0%2C0%2C0%2C0%2C0%2C3%2Chttps%253A%2F%2Fthjewel.changiairport.com%2C%2C3%2C2%2C3%2C0%2C0%2C-1%2C0%2C0%2C-1%2C-1%2C-1%2C-1%3B&D_res=%7B%22MON%22%3A%5B%7B%22name%22%3A%22https%3A%2F%2Fcontextual.media.net%2F2722522032%2Ffcmain.js%3Fcb%3Dwindow._mNDetails.initAd%26%26gdpr%3D1%26cid%3D8CUIOZQNV%26cpcd%3D334csmRGmBH6mUGUfphIDQ%253D%253D%26crid%3D525553168%26size%3D300x600%26cc%3DRO%26chnm%3Dserenity%26pid%3D8PO56U72N%26tpid%3DT8D1272%26https%3D1%26vif%3D2%26requrl%3Dhttps%253A%252F%252Fthjewel.changiairport.com%26nse%3D5%26vi%3D1620190672377786142%26lw%3D1%26ugd%3D4%26adt1%3D8CU2OO4Y3%26adt2%3D328797428%26bae%3DB4geBaBgxg%26bcpf%3DB4geBaBg8fOnRrolnfOur8xg%26bdrId%3D262%26katbid%3D-103%26ntv%3D0%26matchstring%3Dbcat%253DIAB23%252CNEX9-109%252CIAB7-39%252CNEX7-101%252CIAB26%252CNEX9-105%252CNEX9-107%252CNEX11-102%252CIAB5-2%252CIAB25-3%252CIAB14-3%252CIAB25-2%252CIAB25-1%252CIAB11-4%252CIAB9-7%252CIAB25-5%252CIAB25-4%26katpre%3D1%26nb%3D1%22%2C%22dur%22%3A369%2C%22st%22%3A339%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fcontextual.media.net%2Fnmedianet.js%3Fcid%3D8CUIOZQNV%22%2C%22dur%22%3A155%2C%22st%22%3A160%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fstatic-eb.media.net%2Frtb%2Fresource%2Fadperformance.js%3Fv%3Dc7ed9102e5%22%2C%22dur%22%3A134%2C%22st%22%3A161%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fprod-m-node-3111.ssp.advertising.com%2Fadmax%2FadEvent.do%3Ftidi%3D770829437%26dcn%3Dbrxd296061%26posi%3D873536%26grp%3D%253F%253F%253F%26nl%3D1620190672161%26rts%3D1620190671978%26pix%3D1%26et%3D1%26a%3Dg_BOmDEwLjJWNizUTMvZggLBMmEwMQAAAAAJeFeD-1%26m%3DaXAtMTAtMjItMTE5LTE3NQ..%26p%3DMC4wMDAyNDM%26b%3DMTI4NTg7bWVkaWFuZXQxO2xpc3RpbmdzLmxvY2FsLmNvbTs7Ozs5ZDIyZDNjOWNmOTE0ZTk2YWQwYWU4MzQ5YTJlNWRlZTsyOTM4ODE3NDsxNjIwMTg5MDAwOzswLjAwMDI0Mzs7MA..%26xdi%3DPz8_fD8_P3w_Pz98MA..%26xoi%3DMHxERVU.%26hb%3Dtrue%26type%3D0%26af%3D5%26brxdPublisherId%3D25225873693%26brxdSiteId%3D296061%26brxdSectionId%3D81217061%26dety%3D2%22%2C%22dur%22%3A111%2C%22st%22%3A162%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%2C%7B%22name%22%3A%22https%3A%2F%2Fqsearch-a.akamaihd.net%2Flog%3Flogid%3Dkfk%26evtid%3Ddmmra%26ckfl%3D0%26lper%3D%26app_type%3Dprod%26ogerpm%3D0.0000%26stid%3Dy403607%26other_prv%3D262%26jar_err%3D%26current_day%3D3.0%26req_id%3D9d22d3c9cf914e96ad0ae8349a2e5dee%26dmm_d36%3DNA%26bidfp%3D0.0200%26ugd%3D4%26predicted_wr%3D0.5227%26exp%3D%26cache%3D%26second_bidder%3D*%26search_res%3D24%26iter%3D%26floor_bucket%3D0.00%26seat%3D262%26size%3D300x600%26f_seg%3D%26prdp%3D0.2432%26local_wr_url%3D0.0000%26ogcbdp%3D0.3200%26dfpbd%3D0.2432%26server%3D1%26ogerpm_wd_bkt%3D0-1%26model_version%3D202105031008_verizon%26viewability%3D-0.0100%26cut%3D24%26dmm_r%3D0.7940%26dmm_l%3D0.0230%26as_cache%3D0%26tcyerpm%3D%26sc%3DBW%26send_erpm%3Dtrue%26apcnt%3D%26sd%3D-1%26seg%3D%26dmm_m4%3D1.0000%26erpm_bucket%3D0.00%26ugd_ver%3D%26requrl%3Dthjewel.changiairport.com%252F%26bidrestime%3D1620190672147%26cc%3DDE%26strg%3Dserenity%26bdpcapd%3D0%26current_hour%3D4%26time_stamp%3D2021-05-05%2B04%253A57%253A52%26model_key%3Dverizon%26rvshhon%3D%26ybncaERPM%3D0.0000%26mul_ratio%3D1.0000%26bdp%3D0.3200%26td%3D%26ct%3D%26akey%3D%26mnckfl%3D0%26har_prc%3D%26bdp_bucket%3D0.30%26algo%3Dserenity%26dc%3Deu_be%26splid%3Dy403607%26dim4%3Dexploration%26dn%3Dthjewel.changiairport.com%26ua%3DMozilla%252F5.0%2B%2528Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%2529%2BAppleWebKit%252F537.00%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F83.0.0000.00%2BSafari%252F537.00%26dmm_m10%3D1208375%26bdp_wider_bucket%3D1%26acid%3D9d22d3c9cf914e96ad0ae8349a2e5dee_9d22d3c9cf914e96ad0ae8349a2e5dee-1%26ecp%3D0.0%26infl%3D%26o_ver%3DNT%2B10.0%26br_ver%3D83.0.0000.00%26bdmm_m6%3D0.0000%26bdmm_m7%3D0.8510%26bdmm_m5%3D0.0000%26ver%3D6.0.5%26totalTimeBucket%3D3%26visibility%3D1%26totalTime%3D3436469%26dmm_m1%3D2021-05-05%2B04%253A57%253A52.149272115%26e_rpm%3D0.1850%26racnt%3D%26gdpr%3D%26vsid%3DEEA0000%26amino%3Dfalse%26algo2%3D%26algo1%3D%26log_less%3Dfalse%26ogerpm_used%3Dfalse%26bdmm_m12%3D0.8510%26cid%3D8CU2OO4Y3%26rawbid%3D0.3200%26seat_id%3D262%26sub_bidder%3D0%26sluid%3D%26pbshr%3D100.0000%26dmm_d10%3D0%26o_id%3D101%26clisp%3Drtb-common-7987bd876f-v2hmp.BE%26dfp_bucket%3D0.25%26adblk%3D0%26itype%3Dverizon%26pvid_seat%3D262_262%26cliIP%3D0%26advurl%3Dhttps%253A%252F%252Flistings.local.com%26level_base%3D0%26crid%3D328797428%26sat%3D1%26br_id%3D265%26cut_bkt%3D25%26iwb%3D1%26dmm_d22%3D-2%26second_bid%3D0.000000%26sc_pvid%3D262%26capd%3D%26other_bids%3D0.32%22%2C%22dur%22%3A95%2C%22st%22%3A161%2C%22ssl%22%3Anull%2C%22dns%22%3Anull%2C%22conn%22%3Anull%7D%5D%7D&t=1620190673771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://thjewel.changiairport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 04:57:53 GMT
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
5
content-type
image/gif
content-length
43
bqi.php
lg3.media.net/ Frame 6D21 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?lf=3&&vgd_hb_audit_1=8CU2OO4Y3&vgd_hb_audit_2=328797428&vgd_l2type=setting&pid=8PO56U72N&cme=YCodqMg-GhUilO_fWc0BhPO-bTFRqeJDpp-oUJ_mIcjEA-T0YZ9tFPdA0L1tt-dBfju78ZgNWLg9-9GIZDMAby6nMZHiRpjWuq7jDL7FAa9SVbupp-hrwEzfhyKR5cDp1i9fqlkOCbkKYLA7TPA9BDefSZ8mHz_DwkuhdlFtQ2o9BA24EYhgS9ZNfYCuAOPJe0VoAjg4h3kS45Wl1FsGokWu8FfGvpTN||NDHRnZ9Gz3KXlI-i9OnZqQ==|egxAhfhrGFwYR1FT5uQuBGQyot3GWgaO|sRBSg3CPSiQ=|YdjFvixrVaHnD__iNbsNxsS1EDmozZjVpNItEUySnNfSsjmuJTTLSQ==|uet4nflvc24v2SlpMSUpKMcN_wlP6FN5|5tHgE6ddNOj9TtbYdsXENvYQquOYMQyp|N7fu2vKt8_s=|eyOPkfgOPIj9_VXrJSKlxwjeCMF4woN31JHUOX74htfcBkVTnJJ0mPgSUI12dUJMwmPjEsZDQ4C6qCO25UmVCwsa6v9eAhKSwXHnob0KGp2PB1yor4BRW-JXEC6wXkpAGfS5S7e1Rlv2h5x3DDIEuO28b2jz8GMLjIDq-Amb9p_54wT5118j0F0VSFjml2ZTWsnclRpFips7MW0yVkNCg-StYCGRw1XU|&gdpr=1&prid=8PRVCXX19&cid=8CUIOZQNV&crid=525553168&requrl=https%3A%2F%2Fthjewel.changiairport.com&vi=1620190672377786142&ugd=4&cc=RO&bdrid=262&subBdr=99&startTime=1620190672600&l2type=setting&vgd_l1rakh=1620190672152045050&l1ch=1&katbid=-103&sttm=1620190672609&upk=1620190673.13449&hvsid=00001620190672609014958405126906&acid=9d22d3c9cf914e96ad0ae8349a2e5dee_9d22d3c9cf914e96ad0ae8349a2e5dee-1&verid=3111299&vgd_bdata=dc%3Dgcp-eu-west1-b%7C%7Cck_fl%3D0%7C%7Cbhp%3D0%7C%7Cseller_tag_id%3Dy403607%7C%7Citype%3DVERIZON%7C%7Cvisibility%3D1%7C%7Cref_cnt%3D1%7C%7Cr_ip%3D2a01-4f8-192-0-0-0-0-0%7C%7Cr_sc%3DNH%7C%7Crbo%3D5_3%7C%7Cdmm_d1%3DT%7C%7Cdmm_d2%3DT%7C%7Cdmm_d3%3D0%7C%7Cdmm_d4%3D10%7C%7Cdmm_d5%3Daaa%7C%7Cdmm_d6%3Dc%7C%7Cdmm_d7%3D0%7C%7Cdmm_d8%3D0%7C%7Cdmm_d9%3D0%7C%7Cdmm_d10%3D0%7C%7Cdmm_d12%3D3%7C%7Cdmm_d13%3D00100%7C%7Cdmm_d14%3D0%7C%7Cdmm_d15%3D1%7C%7Cdmm_d16%3D0%7C%7Cdmm_d17%3D0%7C%7Cdmm_d18%3D0%7C%7Cdmm_d20%3D0%7C%7Cdmm_d21%3D0%7C%7Cdmm_d22%3D-2%7C%7Cdmm_d23%3D3%7C%7Cdmm_d24%3D5%7C%7Cdmm_d25%3D00%7C%7Cdmm_d27%3D2%7C%7Cdmm_d28%3D1%7C%7Cdmm_d29%3Dp-1%7C%7Cdmm_d30%3D0%7C%7Cdmm_d31%3D0%7C%7Cdmm_d32%3D0%7C%7Cdmm_d33%3D0%7C%7Cdmm_d36%3DNA%7C%7Cdmm_d37%3D0%7C%7Cdmm_d40%3D0%7C%7Cdmm_d42%3D0%7C%7Cdmm_d43%3D0%7C%7Cdmm_l%3D0.023%7C%7Cdmm_r%3D0.794%7C%7Ce_rpm%3D0.185%7C%7Cdmm_m1%3D0.185%7C%7Cdmm_m2%3D0.027%7C%7Cdmm_m3%3D1.000%7C%7Cdmm_m7%3D0.851%7C%7Cdmm_m10%3D1.000%7C%7Cdmm_m11%3D0.932%7C%7Cdmm_m12%3D0.851%7C%7Cdmm_m13%3D6%7C%7Cdmm_m14%3D20%7C%7Cdmm_m16%3D0.794%7C%7Cdmm_m21%3D1.000%7C%7Cdmm_m28%3D1.000%7C%7Cdmm_m29%3D1.000%7C%7Cdmm_m30%3D1.000%7C%7Cerpm%3D0.185%7C%7Cvbr%3D0%7C%7C%7C%7Cbid%3D0.32%7C%7Ccbdp%3D%7C%7Csupply_tag_id%3Dy403607%7C%7Ccbdp%3D0.243%7C%7Cdmm%3Dharmony%7C%7Csd%3D-1%7C%7Cdtc%3Deu_be%7C%7Cref_cnt%3D1%7C%7Cdalg%3Dserenity%7C%7Cysp%3D-1%7C%7Cbflag%3D0%7C%7Csobp%3D%7C%7Cbdpcapd%3D0%7C%7Cdmm_erpm%3Dtrue%7C%7Cbflr%3D0.020%7C%7Cogbid%3D0.320%7C%7Cac_type%3D1%7C%7Cseller_tag_id%3Dy403607%7C%7CcarrierId%3D0%7C%7Cdcut%3D25%7C%7Cdogb%3D0-1%7C%7Cibc%3D1%7C%7C%7C%7Ciha%3D0%7C%7Cibc%3D1%7C%7C%7C%7Cdmm_d39%3D0%7C%7Cibc%3D1%7C%7C&matchstring=bcat%3DIAB23%2CNEX9-109%2CIAB7-39%2CNEX7-101%2CIAB26%2CNEX9-105%2CNEX9-107%2CNEX11-102%2CIAB5-2%2CIAB25-3%2CIAB14-3%2CIAB25-2%2CIAB25-1%2CIAB11-4%2CIAB9-7%2CIAB25-5%2CIAB25-4&vgd_matchstr=bcat%3DIAB23%2CNEX9-109%2CIAB7-39%2CNEX7-101%2CIAB26%2CNEX9-105%2CNEX9-107%2CNEX11-102%2CIAB5-2%2CIAB25-3%2CIAB14-3%2CIAB25-2%2CIAB25-1%2CIAB11-4%2CIAB9-7%2CIAB25-5%2CIAB25-4&vstrid=EEA0000&infr=1&twna=1&vgd_ecrid=80147384836I&l1hcsd=l1!N4|2966&vgd_uspa=0&vgd_isiolc=1&clp=%7B%7D&cl=%7B%7D&l2ch=0&l2wsip=2887305233&sethcsd=set!A12%7C2924&vgd_pgid=p1846158656t202105050457&vgd_pgids=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Referer
https://s.yimg.com/rq/darla/4-8-0/html/r-sf.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Wed, 05 May 2021 04:57:54 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Wed, 05 May 2021 04:57:54 GMT
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame FBE9 		13 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?referrer=https%3A%2F%2Fthjewel.changiairport.com%2F
Requested by
Host: tag.idsync.analytics.yahoo.com
URL: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=https%3A%2F%2Fthjewel.changiairport.com%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://tag.idsync.analytics.yahoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 05 May 2021 04:57:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
ATS/7.1.2.128
Age
0
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://tag.idsync.analytics.yahoo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated boolean| __pbpa string| translated_warning_string function| $ function| jQuery function| gtag object| dataLayer object| dotq object| Tumblr function| jQueryBridget function| getSize function| EvEmitter function| matchesSelector object| fizzyUIUtils function| Outlayer function| Packery string| __cmpEnv function| __uspapi function| __tcfapi function| __cmp function| isInArray function| imagesizeReduce function| preparegrid function| stickIt object| pckry function| packeryint function| infinityint function| changeSliderBg number| winwidth object| jQuery191043539370709670977 function| setSplashDimention function| getAdv object| DARLA_CONFIG object| YAHOO function| base64 function| lzw_encode object| RawDeflate function| _ object| Backbone object| scrollMonitor number| lastApvTime object| _initTimeStamp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga boolean| COMSCORE object| gaplugins object| gaGlobal object| gaData object| DARLA object| $sf undefined| $yac boolean| sf_auto_3-5-4-2021 object| _Y

6 Cookies

Domain/Path Name / Value
.changiairport.com/ Name: _gat_gtag_UA_68928646_42
Value: 1
.media.net/ Name: gdpr_status
Value: 1
.changiairport.com/ Name: _ga
Value: GA1.2.2046527393.1620190672
.changiairport.com/ Name: _gid
Value: GA1.2.800185119.1620190672
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
thjewel.changiairport.com/ Name: cmp
Value: j=1&t=1620190672

3 Console Messages

Source Level URL
Text
console-api log URL: https://s.yimg.com/rq/darla/4-8-0/js/g-r-min.js(Line 3)
Message:
DARLA notice: 425
console-api log URL: https://s.yimg.com/rq/darla/4-8-0/js/g-r-min.js(Line 3)
Message:
DARLA notice: 426
console-api log URL: https://s.yimg.com/rq/darla/4-8-0/html/r-csc.html(Line 21)
Message:
darla csc writer, potential invalid html content

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: blob: 'unsafe-inline';
Strict-Transport-Security max-age=15552001
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6071807.fls.doubleclick.net
64.media.tumblr.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
assets.tumblr.com
consent.cmp.oath.com
contextual.media.net
fc.yahoo.com
fonts.googleapis.com
fonts.gstatic.com
geo.query.yahoo.com
geo.yahoo.com
hblg.media.net
lg3.media.net
opus.analytics.yahoo.com
pixel.wp.com
prod-m-node-3111.ssp.advertising.com
px.srvcs.tumblr.com
qsearch-a.akamaihd.net
res-a.akamaihd.net
s.yimg.com
s3-ap-southeast-1.amazonaws.com
sb.scorecardresearch.com
secure.static.tumblr.com
service.cmp.oath.com
service.idsync.analytics.yahoo.com
static-eb.media.net
static.tumblr.com
stats.g.doubleclick.net
tag.idsync.analytics.yahoo.com
ter-adserver-origin-us.prod.adtechus.com
thjewel.changiairport.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.tumblr.com
152.195.51.15
152.199.23.180
172.217.23.102
18.195.255.193
192.0.76.3
192.0.77.3
192.0.77.40
2.16.186.43
2.16.186.66
2.18.235.93
2606:2800:135:155a:23ba:b2a:25ff:122d
2a00:1288:110:c204::b000
2a00:1288:80:800::7000
2a00:1450:4001:802::2002
2a00:1450:4001:803::2003
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c04::9d
3.126.56.137
52.219.132.114
52.72.233.34
65.9.84.29
74.114.154.22
00c3d727f4c51b8f9487e242fc67713c46694e47714da0dab499b1322eb73c11
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
13f8b9a9eff37b2376aa73bfe094aa3e7b07adfeb0e1706811c65fbdbc288271
16e62770f3e52da04bdd207c184c49c8b540974d2bafa53b5abf71d7611fc750
1ce701c8370ed363e267233df7c528dc6faa5f2198a97e555ba78322fde7c20d
1e699eb46177b51496bd8a2d28148ae9142cee43d1cdced818294cdcc1526970
1f1c3c925c904327278383e58adcee525873348cfeb5347cd26de104a1e26dbc
22f43473f6e791253536ae25ef4e024ffe957246fb2ad684c4326b55280588c0
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
26e4a5a54f88139dcd133ac83063f733c14de5f96b08d830e0914f51e5a72453
27399d832dd60631e3393aceb1d34f06bfea49f36e15d7f4a434922c68c0504f
2757656f4ab0d64d888fffac135980d6d7ef42fed60814c61e35f44b2d560cd5
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2f153a4344f522ad53159fa59b3899ca12bc2c5eefdb338694f8a67428f74979
2f327f72cd401b8b8e7ea178af2bbd9c3dff6dc716b7094c205457b1464804be
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
34d318c99068596e4b2e3dbc938ca029d2706f1d9fac55e0a87c706db15d1b3e
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3bf145f4211f66515359acef4b5b1e3ad785d1510328f63f5ef48f090399e434
3d3bb581cac6eed57c580786722e0d5b4b04f9e720bf2c3d2a4ef311b679d1fb
3d48b44f1a81248c7fa11ec634852c317f855f3505442e41d8bfced0f0db0e94
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f1fdef4f502d2db072df997a1b83e977c3e257521551a9e4de98b1c28fa8a39
43784b4ea8777982fe196812e1fa6ae1483e88bddd94dc377099bb913529a678
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44e911ce9b6ce9ced8d252bdc71ccbd8abc3a96889129059f2aea8d43d36dc77
4770a058b6e5cca9ccc3a8d5d0c166134284850b068ee9f936c20b713879d969
47a38ffaab8c68e1181fab94e88099405f10bd1c6cae5abc8897ff57bb93db7d
4d43452439357274b14d7a00a238222c9d7271c297442c5d8d91912566830d45
52a56fc70013d3198b29e2367c6704bb11f620153160c82e082157bc9f5bf204
56a52278d8c6cbca3ca30b0ae2405d84ae816c8d9a5a4478454fd15ee717f266
5c6569228ec5d1da59f7ec2843028068d3de49c3185034878d981d6ace1578df
5c716b541f4ddccc7b9be7e11b956c77edb05261ac160e4abdc9d72a32f13f2f
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
63d45829587f387b0242df6cb0a86567ef5ff3433c3b6d8fc417b9c5d1086667
65aa946829133f2163ed351882e770c0e7651c8c95fac3c53aa78e02a938b7ca
6e1ef1e35e2d2d2a9fd12c773f8cf7a9224bc42e6a9c447cb685804d6920a5b6
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7abe0c618fc5039eedb18ae7ee521688fec9ac9debc5db050dc2397c01565513
7ef751a44c2db01056cbdd8e5dc3772ccc817783a190224c49a55c77ad429efd
7f68db4c076235a413a0d50e81528c4ffd24501dd05379c2ba86ea5ac5d2a9cf
7fcd3adf08195a781e7eade16328a4071b92982a92fdc7540c5a0aafcef498d4
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8fda1126c61e6a0d1ae6fd99a0d290352ac714bc44965e358ad0176bff6ce5ee
9064f4ab926b5e7502267116168d45ca724a843f9e4e6600941c947985b9af7c
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
9626a3ccc1114446c855c33931928ac95d0a0287566d37129b36a190800ecc51
9d013836d140b99ca48527a0fb33719b08826f87052d64660116c0306f6d714b
a31095a30fadc425e1c17ca305f2bbec505a43f618815644eff72f5cbbb5eaf9
a4681204efc2dc2c3aafbe97dff924470cdac31b5f05ff0e45f1390445cafae0
adf388e42c114b0aa19feeb9510a2a0cdf549c4774dfe770c2e2f4e122387a01
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3a05ceb70ae54f67410af70b7ad9c37812d656a294932eafd35d0b6b9f63699
b69c2c9b650280c60eda7e10d544a5bd6aa4cc082088c90fe94282fbf757e71d
b953e6cd2b1446a352b04072c35b4dc60a287932b5835545d01457c97dc368cc
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c2b1146b4fa010ad7b327ac6e13b277a73787eee1c33b30093a5639d434eba35
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c3eecf14b4c1737a9887b1473da28530358a356f0120d182b27e217eb27aa670
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c8a7d71935396f7d4e73146f7318d1567e1a6657e4df196f1702be190c841141
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
c9d4ddded3e177fc351d042d51550efc48e0d7a3a4b5632a30319b6d10d492cc
ca6f1ff145eadd67f120a65126e98016f996e057cc7f546d2bc546c4038302d5
cb9f274aca2fcd18d0ab90868d9e1ff24ea00201b7d2695ce454fc53526cae31
d1a98e7b54eeac4a1d26ce1be3bf0609ab182860466a0149c37a838d243ee9e6
d326a48279f647e8da46a116ddf24c520df730bef292c7b2b58c4dcc4cebedbf
d7b964b842b9ad0410355d59621acd1b28815a9b9bf746bd03d7af7af3f9791a
daf5bad3dcc900f04fd01e71a81d641586ed61097ed67ed35caaa821d885e7ac
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80adb39fa3b780a43c41c8ffa80cc3fe6ec84f858d7a671f6c5ff5d79342d87
eb2783e0f4ae428363f7e36fc4ecb4057dbae329d858efee6775ba60f254a81d
ec4317b3c60e5c3f35d9a3662c416d84b0a62b6e11bee8aa70b49eb81937199b
eef86bfe4f7a0a1e3de4a7dd119266822a91455c316e2ff820e646aea92aec99
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef592ed6c7f9d5cba994f2a561677e336c27cd9a4706d87ae79160b6fa841a7e
efa70d6e32423159b2c5d940441d59c9db589b2174c0a1681134f2bb5bfc778e
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
f2cfbd195dff011843f93e2d32979f6f07926211cbf3edddc3b708b0bb04c8a2
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f94b72f5e3e61f5035414debaa28ac552851ef81662b80601c5055a98f4a4e87
fb9fc9437724d9aa9afca4219e3eaab6c3ae03e6d4ca15a78149455c4e511e41
fc2785c46bfd8d9a9c13c46ac59b46e9688744176365b16a89d15e94e974f605
fcbaeadfffc791269a437216ee74bc95aabf4a2ee0a61b152e302a973e78fe63